CVE-2026-33632
HIGH EPSS 1.1%
Published Mar 26, 20263mo ago · Modified Jun 17, 20262w ago
8.4 CVSS 4.0
Published Mar 26, 2026 3mo ago
Last Modified Jun 17, 2026 2w ago
Description
ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.4, two file operation event types — ES_EVENT_TYPE_AUTH_EXCHANGEDATA and ES_EVENT_TYPE_AUTH_CLONE — were not intercepted by ClearanceKit's opfilter system extension, allowing local processes to bypass file access policies. Commit 6181c4a patches the vulnerability by subscribing to both event types and routing them through the existing policy evaluator. Users must upgrade to v4.2.4 or later and reactivate the system extension.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope X
Threat Intelligence
EPSS Exploit Probability
1.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-862 Missing Authorization Authorization
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| craigjbass | clearancekit | * | <4.2.4 |
References 2
- github.com https://github.com/craigjbass/clearancekit/commit/6181c4a22eccbeca973c77f4bd023eb795c13786
- github.com https://github.com/craigjbass/clearancekit/security/advisories/GHSA-wpxj-vhfp-hhvm
Remediation
- github.com https://github.com/craigjbass/clearancekit/commit/6181c4a22eccbeca973c77f4bd023eb795c13786
- github.com https://github.com/craigjbass/clearancekit/security/advisories/GHSA-wpxj-vhfp-hhvm