CVE Catalog

CVE-2026-2638

HighCVSS 7.3
Published: Updated: Translated: NVD NIST

Summary

A vulnerability in the quarantine and restore workflow of X-VPN macOS versions 77.0 through 77.5 allows a local attacker to leverage a race condition and symlink manipulation to achieve privileged file corruption.

Risk Assessment

An attacker could gain access to sensitive files, potentially leading to serious security breaches in the system.

Recommendation

It is recommended to update to the latest version of X-VPN to mitigate this vulnerability and to monitor the system for unauthorized changes.

Original NVD description (English source)

A vulnerability in the quarantine and restore workflow of the X-VPN macOS website versions 77.0 through 77.5 allow a local attacker to leverage a race condition and symlink manipulation to achieve privileged file corruption.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS