CVE-2025-1078

Name of the Vulnerable Software and Affected Versions: AppHouseKitchen AlDente Charge Limiter versions up to 1.29

Description: A critical issue has been found in AppHouseKitchen AlDente Charge Limiter, affecting the shouldAcceptNewConnection function of the com.apphousekitchen.aldente-pro.helper file in the XPC Service component. This leads to improper authorization, allowing an attack to be launched on the local host.

Recommendations: For AppHouseKitchen AlDente Charge Limiter versions up to 1.29, upgrade to version 1.30 to address this issue. As a temporary workaround, consider disabling the shouldAcceptNewConnection function until the update is applied. Restrict access to the XPC Service component to minimize the risk of exploitation.