CVE-2026-32323 Mullvad VPN for macOS: Local Privilege Escalation via unverified bundle path in installer

Mullvad VPN is a VPN client app for desktop and mobile. When using macOS with versions 2026.1 and below, Mullvad VPN may allow local privilege escalation during installation or upgrade. The installer package executes binaries from /Applications/Mullvad VPN.app without verifying if the bundle is...

Electron 操作系统命令注入漏洞

Electron is an open-source JavaScript framework developed by users for creating cross-platform desktop applications. This framework is based on Node.js and Chromium, allowing the development of cross-platform desktop applications using HTML and CSS. Versions of Electron prior to 38.8.6, 39.8.1,...

CVE-2016-9012

CloudVision Portal CVP before 2016.1.2.1 allows remote authenticated users to gain access to the internal configuration mechanisms via the management plane, related to a request to /web/system/console/bundle...

Adobe Version Cue 1.0/1.0.1 (OSX) - '-lib' Local Privilege Escalation

/ Adobe Version Cue VCNativeOSX: local root exploit. dyld by: vade79/v9 [email protected] fakehalo/realhalo Adobe Version Cue's VCNative program allows un-privileged local users to load arbitrary libraries"bundles" while running setuid root. this is done via the "-lib" command-line option. note:...