CVE-2026-40191

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.4-beta-1f46165, ClearanceKit's Endpoint Security event handler only checked the source path of dual-path file operations against File Access Authorization FAA rules and App Jail...

CVE-2026-34218 ClearanceKit: Managed and user-defined policy rules not enforced between opfilter start and first policy modification

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.14, two related startup defects created a window during which only the single compile-time baseline rule was enforced by opfilter. All managed MDM-delivered and user-defined...

CVE-2026-34218 ClearanceKit: Managed and user-defined policy rules not enforced between opfilter start and first policy modification

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.14, two related startup defects created a window during which only the single compile-time baseline rule was enforced by opfilter. All managed MDM-delivered and user-defined...

CVE-2026-34218

ClearanceKit on macOS had a startup window where only the compile-time baseline policy was enforced by opfilter, delaying application of all managed and user-defined file-access rules until the GUI mutated policies via XPC. This allowed per-process access policies to be temporarily unenforced dur...

Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins

The agent-to-controller security subsystem limits which files on the Jenkins controller can be accessed by agent processes. Multiple vulnerabilities in the file path filtering implementation of Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allow agent processes to read and write arbitrary...