CVE-2026-33631 - Vulnerability Analysis
HighCVSS: 8.7Last Updated: March 26, 2026
ClearanceKit - Broken Access Control
Overview
ClearanceKit <= 4.1 on macOS contains a broken access control vulnerability caused by incomplete interception of file operation events in the opfilter Endpoint Security extension, letting local attackers bypass file access policies, exploit requires local process execution.
Severity & Score
Impact
Local attackers can bypass file access policies, potentially accessing or modifying protected files without restriction.
Mitigation
Update to version 4.2 or later.
References
Social Media Activity(2 posts)
š CVE-2026-33631 - High (8.7) ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. In versions on the 4.1 branch and earlier, the opfilter Endpoint Security system extension enforced file access policy exclusively by intercepting... š https://www.thehackerwire.com/vulnerability/CVE-2026-33631/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original post
š CVE-2026-33631 - High (8.7) ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. In versions on the 4.1 branch and earlier, the opfilter Endpoint Security system extension enforced file access policy exclusively by intercepting... š https://www.thehackerwire.com/vulnerability/CVE-2026-33631/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2026-33631
- Severity
- High
- CVSS Score
- 8.7
- Type
- broken_access_control
- Status
- new
- EPSS
- 0.0%
- Social Posts
- 2
CWE
- CWE-862
CVSS Metrics
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L