CVE-2026-33632

UNKNOWN 0.0

ClearanceKit: opfilter policy bypass via exchangedata and clone operations

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

2th

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.4, two file operation event types — ES_EVENT_TYPE_AUTH_EXCHANGEDATA and ES_EVENT_TYPE_AUTH_CLONE — were not intercepted by ClearanceKit's opfilter system extension, allowing local processes to bypass file access policies. Commit 6181c4a patches the vulnerability by subscribing to both event types and routing them through the existing policy evaluator. Users must upgrade to v4.2.4 or later and reactivate the system extension.

CWE	CWE-862
Vendor	craigjbass
Product	clearancekit
Published	Mar 26, 2026
Last Updated	Mar 27, 2026

Stay Ahead of the Next One

Get instant alerts for craigjbass clearancekit

Be the first to know when new unknown vulnerabilities affecting craigjbass clearancekit are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

craigjbass / clearancekit

< 4.2.4

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/craigjbass/clearancekit/security/advisories/GHSA-wpxj-vhfp-hhvm github.com: https://github.com/craigjbass/clearancekit/commit/6181c4a22eccbeca973c77f4bd023eb795c13786