CVE-2026-2638

UNKNOWN 0.0

X-VPN macOS website versions - Local Privilege Escalation

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

A vulnerability in the quarantine and restore workflow of the X-VPN macOS website versions 77.0 through 77.5 allow a local attacker to leverage a race condition and symlink manipulation to achieve privileged file corruption.

CWE	CWE-367
Vendor	x-vpn
Product	x-vpn macos website
Published	Jun 9, 2026
Last Updated	Jun 9, 2026

Stay Ahead of the Next One

Get instant alerts for x-vpn x-vpn macos website

Be the first to know when new unknown vulnerabilities affecting x-vpn x-vpn macos website are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

X-VPN / X-VPN macOS website

77.0 ≤ 77.5

References

NVD ↗ CVE.org ↗ EPSS Data ↗

fluidattacks.com: https://fluidattacks.com/es/advisories/soad xvpn.io: https://xvpn.io/resources/statement-local-privilege-escalation-vulnerability xvpn.io: https://xvpn.io/download/vpn-mac xvpn.io: https://xvpn.io/

Credits

Oscar Uribe