CVE-2026-40599 ClearanceKit: Ad-hoc signed binaries can spoof Apple process identities in the global allowlist

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.5, ClearanceKit incorrectly treats a process with an empty Team ID and a non-empty Signing ID as an Apple platform binary. This bug allows a malicious software to impersonate an apple...

ClearanceKit 安全漏洞

ClearanceKit is a macOS file system access control tool developed by Craig J. Bass. Versions of ClearanceKit prior to 5.0.5 contained security vulnerabilities. These vulnerabilities stemmed from improper handling of Team IDs and Signing IDs, allowing malware to impersonate Apple processes and...