784 matches found
CVE-2025-9190 TCC Bypass via misconfigured Node fuses in Cursor
The configuration of Cursor on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Cursor TCC Transparency, Consent, and Control permissions. Acquired resource access is limited to previously granted permission...
CVE-2025-53813 TCC Bypass via misconfigured Node fuses in Nozbe
The configuration of Nozbe on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Nozbe TCC Transparency, Consent, and Control permissions. Acquired resource access is limited to previously granted permissions...
CVE-2025-53813 TCC Bypass via misconfigured Node fuses in Nozbe
The configuration of Nozbe on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Nozbe TCC Transparency, Consent, and Control permissions. Acquired resource access is limited to previously granted permissions...
CVE-2025-53813
CVE-2025-53813 affects Nozbe on macOS due to a misconfiguration of the RunAsNode fuse, enabling a local unprivileged attacker to execute code that inherits Nozbe TCC permissions. Acquired resources are limited to user-granted permissions; other access requires a system prompt. The issue is fixed ...
CVE-2025-53811
CVE-2025-53811 describes a TCC-related bypass in Mosh-Pro on macOS caused by misconfigured RunAsNode fuses. A local, unprivileged attacker could execute arbitrary code that runs with Mosh-Pro’s TCC permissions, limited to permissions the user has already granted. Additional resource access beyond...
CVE-2025-53811 TCC Bypass via misconfigured Node fuses in Mosh-Pro
The configuration of Mosh-Pro on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Mosh-Pro TCC Transparency, Consent, and Control permissions. Acquired resource access is limited to previously granted...
PT-2025-34755 · Mosh Pro +1 · Mosh-Pro +1
Name of the Vulnerable Software and Affected Versions: Mosh-Pro version 1.3.2 Description: The configuration of Mosh-Pro on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Mosh-Pro TCC Transparency, Consent...
PT-2025-34758 · Unknown +1 · Invoice Ninja +1
Name of the Vulnerable Software and Affected Versions: Invoice Ninja versions prior to 5.0.175 Description: Invoice Ninja on macOS is susceptible to a local privilege escalation issue. The presence of the “com.apple.security.get-task-allow” entitlement allows local attackers with unprivileged...
PT-2025-34756 · Nozbe · Nozbe
Name of the Vulnerable Software and Affected Versions: Nozbe versions prior to 2025.11 Description: The configuration of Nozbe on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Nozbe TCC Transparency,...
Marginal Emissions Rates: See Carbon Emissions with Clarity in Real Time
Learn how Akamai is using marginal emissions rates to improve the transparency and accuracy of our emissions accounting...
Wordfence Bug Bounty Program Monthly Report – July 2025
Last month in July 2025, the Wordfence Bug Bounty Program received 325 vulnerability submissions from our growing community of security researchers working to improve the overall security posture of the WordPress ecosystem. These submissions are reviewed, triaged, and processed by the Wordfence...
CISA: 2025 Minimum Elements for a Software Bill of Materials (SBOM)
CISA is requesting public comment on its updated guidance on Software Bill of Materials SBOM to reflect the current state of maturity in software transparency and supply chain security. Building on the 2021 NTIA SBOM Minimum Elements, this update aims to help agencies and organizations to manage...
Medium: gnutls
Issue Overview: A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name SAN entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1deletestructure on an...
Amazon Linux 2023 : gnutls, gnutls-c++, gnutls-dane (ALAS2023-2025-1140)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1140 advisory. A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name SAN entries containing an otherName...
CVE-2025-7961
Improper Control of Generation of Code 'Code Injection' vulnerability in Wulkano KAP on MacOS allows TCC Bypass.This issue affects KAP: 3.6.0...
CVE-2025-7961
Improper Control of Generation of Code 'Code Injection' vulnerability in Wulkano KAP on MacOS allows TCC Bypass.This issue affects KAP: 3.6.0...
PT-2025-33497
Name of the Vulnerable Software and Affected Versions: Wulkano KAP version 3.6.0 Description: Improper Control of Generation of Code 'Code Injection' in Wulkano KAP on MacOS allows TCC Bypass. Recommendations: At the moment, there is no information about a newer version that contains a fix for th...
SUSE CVE-2025-8672
MacOS version of GIMP bundles a Python interpreter that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the application...
com.appmattus.certificatetransparency:certificatetransparency (>=0.3.0 <=1.1.1), com.appmattus.certificatetransparency:certificatetransparency-android (>=0.3.0 <=1.1.1) +27 more potentially affected by CVE-2025-8885 via org.bouncycastle:bctls-jdk15to18 (>=1.66 <=1.70)
org.bouncycastle:bctls-jdk15to18 MAVEN version =1.66, =0.3.0, =0.3.0, =2.0.0, =1.0.0, =1.0.0, =5.23.1, =3.8.1, =1.9.1, =1.0.0-LOCAL, =1.0.0, =2.15.1, =1.0.2, =1.8.1, =1.8.6 and more Source cves: CVE-2025-8885 Source advisory: OSV:GHSA-67MF-3CR5-8W23...
CVE-2025-8672
MacOS version of GIMP bundles a Python interpreter that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the application...