Lucene search
K

379 matches found

NVD
NVD
added 2026/07/01 3:16 p.m.7 views

CVE-2026-12374

Improper certificate validation and a time-of-check time-of-use TOCTOU race condition in the PrivilegedHelperTool XPC service in Cato Client before v.5.13.1 on macOS allows a local authenticated attacker to escalate privileges to root via a self-signed certificate that bypasses the XPC caller...

7.3CVSS0.00055EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/01 2:7 p.m.5 views

EUVD-2026-41001

Improper certificate validation and a time-of-check time-of-use TOCTOU race condition in the PrivilegedHelperTool XPC service in Cato Client before v.5.13.1 on macOS allows a local authenticated attacker to escalate privileges to root via a self-signed certificate that bypasses the XPC caller...

7.3CVSS5.8AI score0.00055EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 2:7 p.m.38 views

CVE-2026-12374

CVE-2026-12374 affects the macOS PrivilegedHelperTool in Cato Client prior to v5.13.1. The issue combines improper XPC caller certificate validation with a TOCTOU race, allowing a local authenticated attacker to escalate to root by using a self-signed certificate that bypasses XPC caller verifica...

7.3CVSS5.8AI score0.00055EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 3:0 p.m.11 views

CVE-2026-24064

Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability. A trusted XPC client component included with the product is signed with hardened runtime entitlements that permit dynamic library injection. A local attacker can set the DYLDINSERTLIBRARIES...

7.8CVSS6.2AI score0.00151EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/10 11:49 a.m.43 views

CVE-2026-24067 Slate Digital Connect macOS XPC PID validation privilege escalation

Slate Digital Connect 1.37.0 for macOS installs a privileged helper tool, com.slatedigital.connect.privileged.helper.tool, which exposes the XPC service com.slatedigital.connect.privileged.helper.tool2. The helper validates connecting XPC clients by obtaining the client's process identifier and...

0.00131EPSS
Exploits1References1
CVE
CVE
added 2026/06/10 11:49 a.m.30 views

CVE-2026-24067

Slate Digital Connect 1.37.0 for macOS installs a privileged helper tool (com.slatedigital.connect.privileged.helper.tool) that exposes the XPC service com.slatedigital.connect.privileged.helper.tool2. The root cause is a PID-based client validation that is vulnerable to a time-of-check time-of-u...

8.4CVSS5.4AI score0.00131EPSS
Exploits1References2
CVE
CVE
added 2026/06/10 11:43 a.m.90 views

CVE-2026-24066

Slate Digital Connect 1.37.0 for macOS exposes a privileged helper tool (com.slatedigital.connect.privileged.helper.tool) that serves an XPC service (com.slatedigital.connect.privileged.helper.tool2). The root cause is that the helper validates connecting XPC clients by checking only the subject....

8.4CVSS5.4AI score0.00122EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/10 11:43 a.m.10 views

EUVD-2026-36002

Slate Digital Connect 1.37.0 for macOS installs a privileged helper tool, com.slatedigital.connect.privileged.helper.tool, which exposes the XPC service com.slatedigital.connect.privileged.helper.tool2. The helper validates connecting XPC clients by checking only the subject.OU value of the...

8.4CVSS5.4AI score0.00122EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/10 11:43 a.m.43 views

CVE-2026-24066 Slate Digital Connect macOS XPC certificate validation privilege escalation

Slate Digital Connect 1.37.0 for macOS installs a privileged helper tool, com.slatedigital.connect.privileged.helper.tool, which exposes the XPC service com.slatedigital.connect.privileged.helper.tool2. The helper validates connecting XPC clients by checking only the subject.OU value of the...

0.00122EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.21 views

PT-2026-48400

Name of the Vulnerable Software and Affected Versions Slate Digital Connect version 1.37.0 Description The software installs a privileged helper tool, 'com.slatedigital.connect.privileged.helper.tool', which exposes the XPC service 'com.slatedigital.connect.privileged.helper.tool2'. The helper...

8.4CVSS5.2AI score0.00122EPSS
Exploits1References7
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.18 views

Slate Digital Connect 安全漏洞

Slate Digital Connect is an audio plugin management and licensing client developed by Slate Digital. Version 1.37.0 of Slate Digital Connect contains a security vulnerability. This vulnerability stems from the XPC service verifying the client only based on the subject.OU value of the client’s...

8.4CVSS5.4AI score0.00122EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.15 views

PT-2026-48401

Name of the Vulnerable Software and Affected Versions Slate Digital Connect version 1.37.0 Description The software installs a privileged helper tool, 'com.slatedigital.connect.privileged.helper.tool', which exposes the XPC service 'com.slatedigital.connect.privileged.helper.tool2'. The helper...

8.4CVSS5.1AI score0.00131EPSS
Exploits1References7
EUVD
EUVD
added 2026/06/09 6:30 p.m.11 views

EUVD-2026-35447

Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability. A trusted XPC client component included with the product is signed with hardened runtime entitlements that permit dynamic library injection. A local attacker can set the DYLDINSERTLIBRARIES...

6.2AI score0.00151EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/06/09 2:50 p.m.9 views

CVE-2026-24065 Local Privilege Escalation via Insecure XPC Client Validation in Waves Central for macOS

Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability in the privileged helper service. The helper validates connecting XPC clients using the client process identifier PID to verify code-signing identity. Because process identifiers can be reuse...

6.1AI score0.00323EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/09 2:50 p.m.35 views

CVE-2026-24065 Local Privilege Escalation via Insecure XPC Client Validation in Waves Central for macOS

Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability in the privileged helper service. The helper validates connecting XPC clients using the client process identifier PID to verify code-signing identity. Because process identifiers can be reuse...

0.00323EPSS
Exploits1References1
CVE
CVE
added 2026/06/09 2:50 p.m.30 views

CVE-2026-24065

Waves Central for macOS (versions 13.0.9–16.5.5) contains a local privilege escalation in the privileged helper service. The helper validates connecting XPC clients by examining the client PID to verify code-signing identity. Since PIDs can be reused, an attacker can race between connection and v...

8.1CVSS6.1AI score0.00323EPSS
Exploits1References2
CVE
CVE
added 2026/06/09 2:47 p.m.27 views

CVE-2026-24064

Waves Central for macOS (versions 13.0.9–16.5.5) contains a local privilege escalation due to a trusted XPC client component signed with hardened runtime entitlements that allows dynamic library injection via DYLD_INSERT_LIBRARIES. An attacker can inject code into the trusted process at launch, w...

7.8CVSS6.2AI score0.00151EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/06/09 2:47 p.m.9 views

CVE-2026-24064 Local Privilege Escalation via Dynamic Library Injection in Waves Central for macOS

Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability. A trusted XPC client component included with the product is signed with hardened runtime entitlements that permit dynamic library injection. A local attacker can set the DYLDINSERTLIBRARIES...

6.2AI score0.00151EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2026/05/29 7:47 p.m.31 views

Sparkle's AppInstaller post-stage-1 XPC listener accepts unvalidated connections, allowing spoofed appcast item data injection

Summary AppInstaller post-stage-1 XPC listener accepts unvalidated connections, allowing spoofed appcast item data injection. Details Autoupdate/AppInstaller.m's shouldAcceptNewConnection: only enforces SUCodeSigningVerifier validateConnection: before stage 1 completes. After...

5.8AI score0.00014EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2026/05/29 12:0 a.m.19 views

Sparkle's AppInstaller post-stage-1 XPC listener accepts unvalidated connections, allowing spoofed appcast item data injection

AppInstaller post-stage-1 XPC listener accepts unvalidated connections, allowing spoofed appcast item data injection...

5.8AI score0.00014EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder