CVE-2025-53813

Name of the Vulnerable Software and Affected Versions: Nozbe versions prior to 2025.11

Description: The configuration of Nozbe on macOS, specifically the "RunAsNode" fuse enabled, allows a local attacker with unprivileged access to execute arbitrary code that inherits Nozbe TCC (Transparency, Consent, and Control) permissions. Acquired resource access is limited to previously granted permissions by the user. Access to other resources beyond granted permissions requires user interaction with a system prompt asking for permission.

Recommendations: Update Nozbe to version 2025.11 or later.