CVE Catalog

CVE-2026-26422

HighCVSS 8.4
Published: Updated: Translated: NVD NIST

Summary

In versions of clash-verge-service-ipc before 2.3.0, there is a world-reachable IPC endpoint, leading to local privilege escalation.

Risk Assessment

Organizations may be exposed to unauthorized access to systems, potentially leading to serious security breaches.

Recommendation

It is recommended to upgrade to version 2.3.0 or later to mitigate this vulnerability.

Original NVD description (English source)

clash-verge-service-ipc before 2.3.0 has a world-reachable IPC endpoint, leading to local privilege escalation.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS