CVE-2026-33632

HIGH EPSS 1.1%
Published Mar 26, 20263mo ago · Modified Jun 17, 20262w ago
8.4 CVSS 4.0
High
Find Similar
Published Mar 26, 2026 3mo ago
Last Modified Jun 17, 2026 2w ago

Description

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.4, two file operation event types — ES_EVENT_TYPE_AUTH_EXCHANGEDATA and ES_EVENT_TYPE_AUTH_CLONE — were not intercepted by ClearanceKit's opfilter system extension, allowing local processes to bypass file access policies. Commit 6181c4a patches the vulnerability by subscribing to both event types and routing them through the existing policy evaluator. Users must upgrade to v4.2.4 or later and reactivate the system extension.

CVSS Details

Base Score
8.4
Exploitability
Impact
Vector string
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
1.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-862 Missing Authorization Authorization

Affected Products 1

VendorProductVersionRange
craigjbassclearancekit* <4.2.4

References 2

  • github.com https://github.com/craigjbass/clearancekit/commit/6181c4a22eccbeca973c77f4bd023eb795c13786
    Patch
  • github.com https://github.com/craigjbass/clearancekit/security/advisories/GHSA-wpxj-vhfp-hhvm
    PatchVendor Advisory

Remediation

  • github.com https://github.com/craigjbass/clearancekit/commit/6181c4a22eccbeca973c77f4bd023eb795c13786
    Patch
  • github.com https://github.com/craigjbass/clearancekit/security/advisories/GHSA-wpxj-vhfp-hhvm
    PatchVendor Advisory