PT-2026-44708 · Canon · My Image Garden
Published
2026-05-28
·
Updated
2026-05-29
·
CVE-2026-6891
CVSS v3.1
5.0
Medium
| Vector | AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
My Image Garden for macOS versions prior to 3.6.9
Description
Improper handling of symbolic links in the installer allows a local attacker with login privileges to use a specially crafted symbolic link during installation to modify permissions of files for which they would not normally have authorization.
Fix
Link Following
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
My Image Garden