cvedb.io
CVE-2026-40604
MEDIUM · CVSS 4.4
EPSS exploitation probability: 0%
Published 2026-04-21T18:16:51.977 · Last modified 2026-06-17T10:45:31.340

Summary

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.6, the opfilter Endpoint Security system extension (bundle ID uk.craigbass.clearancekit.opfilter) can be suspended with SIGSTOP or kill -STOP, or killed with SIGKILL/SIGTERM, by any process running as root. While the extension is suspended, all AUTH Endpoint Security events time out and default to allow, silently disabling ClearanceKit's file-access policy enforcement for the duration of the suspension. This vulnerability is fixed in 5.0.6.

Affected products

craigjbass — clearancekit

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.