High severityNVD Advisory· Published Feb 12, 2026· Updated Apr 15, 2026

CVE-2026-26224

Description

Intego Log Reporter, a macOS diagnostic utility bundled with Intego security products that collects system and application logs for support analysis, contains a local privilege escalation vulnerability. A root-executed diagnostic script creates and writes files in /tmp without enforcing secure directory handling, introducing a time-of-check to time-of-use (TOCTOU) race condition. A local unprivileged user can exploit a symlink-based race condition to cause arbitrary file writes to privileged system locations, resulting in privilege escalation to root.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

blog.quarkslab.com/intego_lpe_macos_1.htmlnvd
blog.quarkslab.com/resources/2026-02-10_intego_1/40945709530779-How-to-Use-the-Intego-Log-Reporter.pdfnvd
www.intego.comnvd
www.vulncheck.com/advisories/intego-log-reporter-toctou-local-privilege-escalationnvd

News mentions

No linked articles in our index yet.

cvss	0.455
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000