PT-2026-28501 · Unknown · Clearancekit
Published: 2026-03-26 · Updated: 2026-03-26
CVE-2026-33632
CVSS v4.0: 8.4 (High)
Vector: AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:L/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions
ClearanceKit versions prior to 4.2.4
Description
ClearanceKit monitors file system access events on macOS and enforces access policies on a per-process basis. Before version 4.2.4, two file operation event types, ES_EVENT_TYPE_AUTH_EXCHANGEDATA and ES_EVENT_TYPE_AUTH_CLONE, were not intercepted by ClearanceKit’s opfilter system extension. This allowed local processes to bypass file access policies. The issue was addressed in commit 6181c4a by subscribing to both event types and routing them through the existing policy evaluator.
Recommendations
Upgrade to version 4.2.4 or later and reactivate the system extension.
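The subscription gap from the description, modelled as an added example (not ClearanceKit's code). The enum stands in for the real ES_EVENT_TYPE_AUTH_* constants, and the pre-fix subscription set, process names, paths and policy are assumptions constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Local stand-ins for ES_EVENT_TYPE_AUTH_* values; not the real header. */
typedef enum { EV_AUTH_OPEN, EV_AUTH_EXCHANGEDATA, EV_AUTH_CLONE } ev_type;

typedef struct {
    ev_type type;
    const char *process;  /* caller identity (constructed) */
    const char *paths[2]; /* OPEN: file; EXCHANGEDATA: both files; CLONE: source, target */
} fs_event;

/* Assumed pre-fix set (the page only says the last two were missing). */
const ev_type SUBS_BEFORE[] = { EV_AUTH_OPEN };
const ev_type SUBS_AFTER[]  = { EV_AUTH_OPEN, EV_AUTH_EXCHANGEDATA, EV_AUTH_CLONE };

/* Constructed events from a process the policy does not trust. */
const fs_event OPEN_EV  = { EV_AUTH_OPEN, "com.example.other",
                            { "/Users/a/Notes/diary.txt", NULL } };
const fs_event CLONE_EV = { EV_AUTH_CLONE, "com.example.other",
                            { "/Users/a/Notes/diary.txt", "/tmp/copy.txt" } };
const fs_event SWAP_EV  = { EV_AUTH_EXCHANGEDATA, "com.example.other",
                            { "/tmp/new.txt", "/Users/a/Notes/diary.txt" } };

/* Hypothetical policy: only com.example.notes may touch /Users/a/Notes/. */
bool policy_allows(const char *process, const char *path) {
    static const char dir[] = "/Users/a/Notes/";
    if (path == NULL || strncmp(path, dir, sizeof dir - 1) != 0)
        return true;
    return strcmp(process, "com.example.notes") == 0;
}

/* True if the operation proceeds. Unsubscribed event types are never
   delivered to the filter, so nothing evaluates them. */
bool filter_allows(const ev_type *subs, size_t n, const fs_event *ev) {
    bool subscribed = false;
    for (size_t i = 0; i < n; i++)
        if (subs[i] == ev->type) subscribed = true;
    if (!subscribed) return true;
    for (size_t i = 0; i < 2; i++) /* every path the event names is checked */
        if (!policy_allows(ev->process, ev->paths[i])) return false;
    return true;
}

int main(void) {
    /* 0 when the pre-fix set lets CLONE through and the post-fix set denies it */
    return !(filter_allows(SUBS_BEFORE, 1, &CLONE_EV) &&
             !filter_allows(SUBS_AFTER, 3, &CLONE_EV));
}
```

The same audit applies to any filter built on event subscriptions: every event type that names a protected file has to be both subscribed and evaluated against each path it carries.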
Weakness Enumeration
Missing Authorization
Affected Products
Clearancekit