CVE-2026-40604
ClearanceKit: opfilter system extension can be suspended or signalled by a root process, disabling file-access policy enforcement
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.6, the opfilter Endpoint Security system extension (bundle ID uk.craigbass.clearancekit.opfilter) can be suspended with SIGSTOP or kill -STOP, or killed with SIGKILL/SIGTERM, by any process running as root. While the extension is suspended, all AUTH Endpoint Security events time out and default to allow, silently disabling ClearanceKit's file-access policy enforcement for the duration of the suspension. This vulnerability is fixed in 5.0.6.
| CWE | CWE-693 |
| Vendor | craigjbass |
| Product | clearancekit |
| Published | Apr 21, 2026 |
| Last Updated | Apr 21, 2026 |
Stay Ahead of the Next One
Get instant alerts for craigjbass clearancekit
Be the first to know when new unknown vulnerabilities affecting craigjbass clearancekit are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
craigjbass / clearancekit
< 5.0.6