46 matches found
CVE-2026-39309 Trilium Notes: macOS TCC Bypass via Prompt Spoofing
Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Electron configuration is vulnerable to TCC Bypass via Prompt Spoofing, allowing local attackers to trigger misleading macOS permission...
EUVD-2025-25782
Malicious code in bioql PyPI...
CVE-2025-9190
The configuration of Cursor on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Cursor TCC (Transparency, Consent, and Control) permissions. Acquired resource access is limited to previously granted permission...
CVE-2025-53813
The configuration of Nozbe on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Nozbe TCC (Transparency, Consent, and Control) permissions. Acquired resource access is limited to previously granted permissions...
CVE-2025-9190 TCC Bypass via misconfigured Node fuses in Cursor
The configuration of Cursor on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Cursor TCC (Transparency, Consent, and Control) permissions. Acquired resource access is limited to previously granted permission...
CVE-2025-53813 TCC Bypass via misconfigured Node fuses in Nozbe
The configuration of Nozbe on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Nozbe TCC (Transparency, Consent, and Control) permissions. Acquired resource access is limited to previously granted permissions...
CVE-2025-53813
CVE-2025-53813 affects Nozbe on macOS due to a misconfiguration of the RunAsNode fuse, enabling a local unprivileged attacker to execute code that inherits Nozbe TCC permissions. Acquired resources are limited to user-granted permissions; other access requires a system prompt. The issue is fixed ...
CVE-2025-53811
CVE-2025-53811 describes a TCC-related bypass in Mosh-Pro on macOS caused by misconfigured RunAsNode fuses. A local, unprivileged attacker could execute arbitrary code that runs with Mosh-Pro’s TCC permissions, limited to permissions the user has already granted. Additional resource access beyond...
Cursor security vulnerability
Cursor is an AI code editor from Cursor open source. A security vulnerability exists in Cursor version 15.4.1, which stems from a RunAsNode misconfiguration, and could lead to the execution of arbitrary code by a local attacker...
Nozbe security vulnerability
Nozbe is a project management software from Nozbe, Inc. A security vulnerability exists in versions prior to Nozbe 2025.11 that stems from a RunAsNode misconfiguration that could lead to the execution of arbitrary code...
Mosh-Pro security vulnerability
Mosh-Pro is a software for image and video processing from Mosh-Pro. A security vulnerability exists in Mosh-Pro version 1.3.2, which stems from a misconfiguration of RunAsNode and could lead to the execution of arbitrary code...
PT-2025-34759 · Cursor · Cursor
Name of the Vulnerable Software and Affected Versions: Cursor version 15.4.1 Description: The configuration of Cursor on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Cursor TCC Transparency, Consent, and...
PT-2025-34756 · Nozbe · Nozbe
Name of the Vulnerable Software and Affected Versions: Nozbe versions prior to 2025.11 Description: The configuration of Nozbe on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Nozbe TCC Transparency,...
CVE-2025-51387
GitKraken Desktop 10.8.0 and 11.1.0 are susceptible to code injection due to misconfigured Electron Fuses. Specifically, the following insecure settings were observed: RunAsNode is enabled and EnableNodeCliInspectArguments is not disabled. These configurations allow the application to be...
CVE-2024-23755
ClickUp Desktop before 3.3.77 on macOS and Windows allows code injection because of specific Electron Fuses. There is inadequate protection against code injection through settings such as RunAsNode...
PT-2024-20059 · Clickup · Clickup Desktop
Name of the Vulnerable Software and Affected Versions: ClickUp Desktop versions prior to 3.3.77 Description: The issue allows code injection due to specific Electron Fuses, with inadequate protection against code injection through settings such as RunAsNode. This affects both macOS and Windows...
CVE-2024-25249
An issue in He3 App for macOS version 2.0.17 allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeCliInspectArguments settings...