PT-2026-34037 · Unknown · Clearancekit
Published: 2026-04-21 · Updated: 2026-04-21
CVE-2026-40599
CVSS v4.0: 8.4 (High)
Vector: AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions
ClearanceKit versions prior to 5.0.5
Description
ClearanceKit intercepts file-system access events on macOS to enforce per-process access policies. A flaw exists where the software incorrectly identifies a process as an Apple platform binary if it possesses an empty Team ID and a non-empty Signing ID. This allows malicious software to impersonate an Apple process within the global allowlist to gain access to all protected files.
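The classification flaw described above, modelled as an added example that is not ClearanceKit's code: the flawed rule infers platform status from the signing fields alone, while the hardened rule accepts only an explicit verdict from the operating system. The struct, function names, sample values and the `os_platform_flag` field are assumptions for illustration; the page does not describe how 5.0.5 implements the fix.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical model of the code-signing facts a policy engine sees per process. */
struct proc_identity {
    const char *team_id;     /* empty when the signature carries no Team ID */
    const char *signing_id;  /* identifier embedded in the signature */
    bool os_platform_flag;   /* assumed: platform-binary verdict reported by the OS */
};

static bool is_empty(const char *s) { return s == NULL || s[0] == '\0'; }

/* Flawed inference from the advisory: signing fields alone decide "Apple". */
bool is_platform_flawed(const struct proc_identity *p) {
    return is_empty(p->team_id) && !is_empty(p->signing_id);
}

/* Hardened: trust only the OS verdict, never an inference from empty fields. */
bool is_platform_hardened(const struct proc_identity *p) {
    return p->os_platform_flag;
}

/* Audit helper: true when the flawed rule grants platform status the OS did not. */
bool is_misclassified(const struct proc_identity *p) {
    return is_platform_flawed(p) && !p->os_platform_flag;
}

/* Constructed samples, not taken from any real system. */
const struct proc_identity SAMPLE_PLATFORM   = { "", "com.apple.sample", true };
const struct proc_identity SAMPLE_THIRDPARTY = { "TEAMID0001", "com.example.app", false };
const struct proc_identity SAMPLE_NO_TEAM    = { "", "com.example.tool", false };

int main(void) {
    const struct proc_identity *all[] = { &SAMPLE_PLATFORM, &SAMPLE_THIRDPARTY, &SAMPLE_NO_TEAM };
    for (size_t i = 0; i < sizeof all / sizeof all[0]; i++)
        printf("%-18s flawed=%d hardened=%d misclassified=%d\n", all[i]->signing_id,
               is_platform_flawed(all[i]), is_platform_hardened(all[i]), is_misclassified(all[i]));
    return 0;
}
```

The `is_misclassified` check can be run over logged process identities to find allowlist decisions that depended on the inferred status rather than on the OS verdict.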
Recommendations
Update to version 5.0.5.
Exploit
Fix
Incorrect Authorization
Weakness Enumeration
Related Identifiers
Affected Products
Clearancekit