CVE-2026-34218 ClearanceKit: Managed and user-defined policy rules not enforced between opfilter start and first policy modification

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.14, two related startup defects created a window during which only the single compile-time baseline rule was enforced by opfilter. All managed MDM-delivered and user-defined...

GO-2022-0588 Cross-site scripting via leaked style elements in github.com/microcosm-cc/bluemonday

The bluemonday HTML sanitizer can leak the contents of a "style" element into HTML output, potentially causing XSS vulnerabilities. The default bluemonday sanitization policies are not vulnerable. Only user-defined policies allowing "select", "style", and "option" elements are affected. Permittin...

It's Time For a New Privacy Model

The current raft of stories about privacy problems on Facebook and other high-profile sites is leading to a renewed consideration in some circles of whether there’s a need for tighter government regulation of sites’ privacy policies and user notifications. Regulation, experts say, may be the only...