CVE-2026-40599 | THREATINT

Description

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.5, ClearanceKit incorrectly treats a process with an empty Team ID and a non-empty Signing ID as an Apple platform binary. This bug allows a malicious software to impersonate an apple process in the global allowlist, and access all protected files. This vulnerability is fixed in 5.0.5.

PUBLISHED Reserved 2026-04-14 | Published 2026-04-21 | Updated 2026-04-21 | Assigner GitHub_M

HIGH: 8.4CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Problem types

CWE-863: Incorrect Authorization

Product status

< 5.0.5

affected

References

github.com/...ncekit/security/advisories/GHSA-w253-42qp-5f2x exploit

github.com/...ncekit/security/advisories/GHSA-w253-42qp-5f2x

cve.org (CVE-2026-40599)

nvd.nist.gov (CVE-2026-40599)

Download JSON