VYPR

Clearancekit

by Craigjbass

Source repositories

CVEs (5)

  • CVE-2026-33631HigMar 26, 2026
    risk 0.50cvss 8.7epss 0.00

    ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. In versions on the 4.1 branch and earlier, the opfilter Endpoint Security system extension enforced file access policy exclusively by intercepting ES_EVENT_TYPE_AUTH_OPEN events.…

  • CVE-2026-40599HigApr 21, 2026
    risk 0.46cvss 7.1epss 0.00

    ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.5, ClearanceKit incorrectly treats a process with an empty Team ID and a non-empty Signing ID as an Apple platform binary. This bug allows a malicious software to…

  • CVE-2026-33632HigMar 26, 2026
    risk 0.44cvss 7.8epss 0.00

    ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.4, two file operation event types — ES_EVENT_TYPE_AUTH_EXCHANGEDATA and ES_EVENT_TYPE_AUTH_CLONE — were not intercepted by ClearanceKit's opfilter system…

  • CVE-2026-40604MedApr 21, 2026
    risk 0.29cvss 4.4epss 0.00

    ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.6, the opfilter Endpoint Security system extension (bundle ID uk.craigbass.clearancekit.opfilter) can be suspended with SIGSTOP or kill -STOP, or killed with…

  • CVE-2026-34218MedMar 31, 2026
    risk 0.29cvss 5.5epss 0.00

    ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.14, two related startup defects created a window during which only the single compile-time baseline rule was enforced by opfilter. All managed…

VYPR — Vulnerability Intelligence