3 matches found
EUVD-2026-34977
clash-verge-service-ipc before 2.3.0 has a world-reachable IPC endpoint, leading to local privilege escalation...
CVE-2026-26422
clash-verge-service-ipc before 2.3.0 has a world-reachable IPC endpoint, leading to local privilege escalation...
CVE-2026-26422
The issue: clash-verge-service-ipc before 2.3.0 exposes a world-reachable IPC endpoint, enabling local privilege escalation. Affected component: clash-verge-service-ipc; root cause: insecure IPC surface with broad access from localhost. Impact: local privilege escalation with high confidentiality...