CVE Catalog
CVE-2026-2638
HighCVSS 7.3Summary
A vulnerability in the quarantine and restore workflow of X-VPN macOS versions 77.0 through 77.5 allows a local attacker to leverage a race condition and symlink manipulation to achieve privileged file corruption.
Risk Assessment
An attacker could gain access to sensitive files, potentially leading to serious security breaches in the system.
Recommendation
It is recommended to update to the latest version of X-VPN to mitigate this vulnerability and to monitor the system for unauthorized changes.
Original NVD description (English source)
A vulnerability in the quarantine and restore workflow of the X-VPN macOS website versions 77.0 through 77.5 allow a local attacker to leverage a race condition and symlink manipulation to achieve privileged file corruption.

