High severity7.0NVD Advisory· Published Feb 2, 2026· Updated Apr 20, 2026
CVE-2026-0924
CVE-2026-0924
Description
BuhoCleaner contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root via insecure functions.This issue affects BuhoCleaner: 1.15.2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:drbuho:buhocleaner:1.15.2:*:*:*:*:macos:*:*+ 1 more
- cpe:2.3:a:drbuho:buhocleaner:1.15.2:*:*:*:*:macos:*:*
- (no CPE)range: = 1.15.2
Patches
Vulnerability mechanics
References
3- fluidattacks.com/advisories/solstafirnvdExploitThird Party Advisory
- www.drbuho.com/buhocleanernvdProduct
- www.drbuho.com/buhocleaner/downloadnvdProduct
News mentions
0No linked articles in our index yet.