EUVD-2026-12829

The "Privileged Helper" component of the Arturia Software Center MacOS does not perform sufficient client code signature validation when a client connects. This leads to an attacker being able to connect to the helper and execute privileged actions leading to local privilege escalation...

Arturia Software Center 安全漏洞

The Arturia Software Center is an application developed by the French company Arturia, used for managing, installing, and updating music production software and plugins. The Arturia Software Center has a security vulnerability, which stems from insufficient client-side code signature verification...

PT-2026-26066

The "Privileged Helper" component of the Arturia Software Center MacOS does not perform sufficient client code signature validation when a client connects. This leads to an attacker being able to connect to the helper and execute privileged actions leading to local privilege escalation...

CVE-2026-31961 Unbounded memory allocation in Quill via unvalidated size fields in Mach-O binary parsing

Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 contains an unbounded memory allocation vulnerability when parsing Mach-O binaries. Exploitation requires that Quill processes an attacker-supplied Mach-O binary, which is most likely in...

CVE-2026-24071

It was found that the XPC service offered by the privileged helper of Native Access uses the PID of the connecting client to verify its code signature. This is considered insecure and can be exploited by PID reuse attacks. The connection handler function uses xpcconnectiongetpidarg2 as argument f...

CVE-2026-24071

It was found that the XPC service offered by the privileged helper of Native Access uses the PID of the connecting client to verify its code signature. This is considered insecure and can be exploited by PID reuse attacks. The connection handler function uses xpcconnectiongetpidarg2 as argument f...

CVE-2026-24071

It was found that the XPC service offered by the privileged helper of Native Access uses the PID of the connecting client to verify its code signature. This is considered insecure and can be exploited by PID reuse attacks. The connection handler function uses xpcconnectiongetpidarg2 as argument f...

CVE-2026-24071

CVE-2026-24071 affects Native Instruments Native Access. The XPC service’s privileged helper uses the connecting client’s PID as input to hasValidSignature, which is insecure because PID values are untrusted and can be reused. This enables a local attacker to potentially bypass signature checks a...

PT-2026-5658

Name of the Vulnerable Software and Affected Versions Native Access affected versions not specified Description The XPC service within Native Access’s privileged helper is susceptible to a security issue. The service utilizes the process ID PID of connecting clients to validate code signatures,...

Native Instruments Native Access 安全漏洞

Native Instruments Native Access is a one-stop device management center provided by the German company Native Instruments. There is a security vulnerability in Native Instruments Native Access. This vulnerability stems from the Privilege Assistant XPC service using client PID for verifying code...

CVE-2024-34331

A lack of code signature verification in Parallels Desktop for Mac v19.3.0 and below allows attackers to escalate privileges via a crafted macOS installer, because Parallels Service is setuid root...

Apple macOS 安全漏洞

Apple macOS Sequoia is an operating system announced by Apple on June 10, 2024 at the WWDC24 developer conference. Apple macOS Sequoia suffers from an insufficient code signature restriction vulnerability that can be exploited by an attacker to access sensitive user data...

EUVD-2018-2542

Malware in sbrugna...

EUVD-2014-4311

Malware in sbrugna...

EUVD-2021-17690

Malware in sbrugna...

EUVD-2022-45856

Malicious code in bioql PyPI...

EUVD-2021-7313

Malicious code in bioql PyPI...

EUVD-2022-45852

Malicious code in bioql PyPI...

Apple macOS Tahoe 安全漏洞

Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...

Apple macOS Sequoia has an unspecified vulnerability (CNVD-2025-18406)

Apple macOS Sequoia is an operating system from the American company Apple Apple. Apple macOS Sequoia suffers from a security vulnerability that stems from an insufficient code signature restriction, which can be exploited by an attacker to cause access to private user data...