CVE Catalog
CVE-2026-26422
HighCVSS 8.4Summary
In versions of clash-verge-service-ipc before 2.3.0, there is a world-reachable IPC endpoint, leading to local privilege escalation.
Risk Assessment
Organizations may be exposed to unauthorized access to systems, potentially leading to serious security breaches.
Recommendation
It is recommended to upgrade to version 2.3.0 or later to mitigate this vulnerability.
Original NVD description (English source)
clash-verge-service-ipc before 2.3.0 has a world-reachable IPC endpoint, leading to local privilege escalation.

