59 matches found

CVE
added 2026/05/19 11:54 p.m. | 13 views

CVE-2026-39309

CVE-2026-39309 affects Trilium Notes before v0.102.2. The Electron configuration allows a RunAsNode fuse to launch the app in a special Node.js mode (-e) that can execute arbitrary commands with Trilium’s permissions, enabling a local attacker to spoof macOS TCC prompts. An attacker could trigger...

CVSS 5.5 | AI score 6.1 | EPSS 0.00176
Exploits: 0 | References: 2

ATTACKERKB
added 2026/05/19 11:54 p.m. | 9 views

CVE-2026-39309

Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Electron configuration is vulnerable to TCC Bypass via Prompt Spoofing, allowing local attackers to trigger misleading macOS permission...

CVSS 5.5 | AI score 6.1 | EPSS 0.00176
Exploits: 0 | References: 3 | Affected Software: 1

EUVD
added 2026/05/19 11:54 p.m. | 9 views

EUVD-2026-31008

Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Electron configuration is vulnerable to TCC Bypass via Prompt Spoofing, allowing local attackers to trigger misleading macOS permission...

CVSS 5.5 | AI score 6.1 | EPSS 0.00176
Exploits: 0 | References: 2

RedhatCVE
added 2026/01/07 9:54 a.m. | 12 views

CVE-2025-1398

Mattermost Desktop App versions =5.10.0 explicitly declared unnecessary macOS entitlements which allows an attacker with remote access to bypass Transparency, Consent, and Control (TCC) via code injection...

CVSS 3.3 | AI score 7.4 | EPSS 0.00148
Exploits: 0 | References: 1

Cvelist
added 2025/12/18 3:15 p.m. | 24 views

CVE-2025-64723 Arduino IDE for macOS has TCC Bypass via Dynamic Library Injection

Arduino IDE is an integrated development environment. Prior to version 2.3.7, Arduino IDE for macOS was configured with overly permissive security entitlements that could bypass macOS Hardened Runtime protections. This configuration allows attackers to inject malicious dynamic libraries into the...

CVSS 4.8 | EPSS 0.00106
Exploits: 0 | References: 5

OSV
added 2025/12/18 3:15 p.m. | 7 views

CVE-2025-64723 Arduino IDE for macOS has TCC Bypass via Dynamic Library Injection

Arduino IDE is an integrated development environment. Prior to version 2.3.7, Arduino IDE for macOS was configured with overly permissive security entitlements that could bypass macOS Hardened Runtime protections. This configuration allows attackers to inject malicious dynamic libraries into the...

CVSS 4.8 | AI score 6.6 | EPSS 0.00106
Exploits: 0 | References: 7

OpenVAS
added 2025/12/16 12:0 a.m. | 4 views

Libre Office TCC Bypass via Bundled Interpreter vulnerability (Dec 2025) - Mac OS X

Libre Office is prone to a TCC bypass via bundled interpreter vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVSS 6.5 | AI score 5.4 | EPSS 0.0012
Exploits: 0 | References: 1

Cvelist
added 2025/12/15 10:30 a.m. | 25 views

CVE-2025-14714 TCC Bypass via Inherited Permissions in Bundled Interpreter

An Authentication Bypass vulnerability existed where the application bundled an interpreter (Python) that inherits the Transparency, Consent, and Control (TCC) permissions granted by the user to the main application bundle. By executing the bundled interpreter directly the attacker's scripts run with...

CVSS 4.3 | EPSS 0.0012
Exploits: 0 | References: 1

RedhatCVE
added 2025/12/13 3:58 p.m. | 5 views

CVE-2025-12843

Code Injection using Electron Fuses in waveterm on MacOS allows TCC Bypass. This issue affects waveterm: 0.12.2...

CVSS 6.9 | AI score 7.3 | EPSS 0.00179
Exploits: 1 | References: 1

NVD
added 2025/12/12 4:15 p.m. | 5 views

CVE-2025-12843

Code Injection using Electron Fuses in waveterm on MacOS allows TCC Bypass. This issue affects waveterm: 0.12.2...

CVSS 6.9 | EPSS 0.00179
Exploits: 1 | References: 2

OSV
added 2025/12/12 4:15 p.m. | 6 views

CVE-2025-12843

Code Injection using Electron Fuses in waveterm on MacOS allows TCC Bypass. This issue affects waveterm: 0.12.2...

CVSS 5.5 | AI score 7.3
Exploits: 0 | References: 2

Vulnrichment
added 2025/12/12 3:23 p.m. | 6 views

CVE-2025-12843 Code Injection in Wave Term v0.12.2 allowing TCC Bypass

Code Injection using Electron Fuses in waveterm on MacOS allows TCC Bypass. This issue affects waveterm: 0.12.2...

CVSS 6.9 | AI score 7 | EPSS 0.00179
Exploits: 1 | References: 2

Cvelist
added 2025/12/12 3:23 p.m. | 27 views

CVE-2025-12843 Code Injection in Wave Term v0.12.2 allowing TCC Bypass

Code Injection using Electron Fuses in waveterm on MacOS allows TCC Bypass. This issue affects waveterm: 0.12.2...

CVSS 6.9 | EPSS 0.00179
Exploits: 1 | References: 2

CVE
added 2025/12/12 3:23 p.m. | 8 views

CVE-2025-12843

CVE-2025-12843 describes a code injection vulnerability in Wave Term (waveterm) for macOS, affecting version 0.12.2. The issue arises from Electron Fuses code injection and allows a TCC bypass, with CVSS parameters indicating local access, low attack complexity, and low privileges required. The i...

CVSS 6.9 | AI score 7 | EPSS 0.00179
Exploits: 1 | References: 2 | Affected Software: 1

Positive Technologies
added 2025/12/12 12:0 a.m. | 5 views

PT-2025-50942

Name of the Vulnerable Software and Affected Versions: waveterm version 0.12.2. Description: Code Injection using Electron Fuses in waveterm on MacOS allows TCC Bypass. The issue allows for code execution by exploiting Electron Fuses. Recommendations: At the moment, there is no information about a...

CVSS 6.9 | AI score 6 | EPSS 0.00179
Exploits: 1 | References: 5

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2025-28697

Malicious code in bioql PyPI...

CVSS 4.8 | AI score 6.6 | EPSS 0.00166
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2025-25783

Malicious code in bioql PyPI...

CVSS 4.8 | AI score 6.6 | EPSS 0.00127
Exploits: 0 | References: 2

Vulnrichment
added 2025/09/16 10:3 a.m. | 4 views

CVE-2025-10015 TCC Bypass via Downloader XPC Service in Sparkle

The Sparkle framework includes an XPC service, Downloader.xpc; by default this service is private to the application it is bundled with. A local unprivileged attacker can register this XPC service globally, which will inherit TCC permissions of the application. Lack of validation of connecting client...

CVSS 4.8 | AI score 6.3 | EPSS 0.00129
Exploits: 0 | References: 3

Cvelist
added 2025/09/16 10:3 a.m. | 9 views

CVE-2025-10015 TCC Bypass via Downloader XPC Service in Sparkle

The Sparkle framework includes an XPC service, Downloader.xpc; by default this service is private to the application it is bundled with. A local unprivileged attacker can register this XPC service globally, which will inherit TCC permissions of the application. Lack of validation of connecting client...

CVSS 4.8 | EPSS 0.00129
Exploits: 0 | References: 3

OSV
added 2025/08/26 1:15 p.m. | 2 views

CVE-2025-8597

MacVim's configuration on macOS, specifically the presence of entitlement "com.apple.security.get-task-allow", allows local attackers with unprivileged access (e.g. via a malicious application) to attach a debugger, read or modify the process memory, inject code in the application's context despite...

CVSS 4.8 | AI score 5.8 | EPSS 0.00127
Exploits: 0 | References: 2