NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-2638

Summary	A vulnerability in the quarantine and restore workflow of the X-VPN macOS website versions 77.0 through 77.5 allow a local attacker to leverage a race condition and symlink manipulation to achieve privileged file corruption.
Publication Date	June 9, 2026, 10:16 p.m.
Registration Date	June 10, 2026, 4:15 a.m.
Last Update	June 9, 2026, 11:16 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://fluidattacks.com/es/advisories/soad	help@fluidattacks.com
2	https://xvpn.io/	help@fluidattacks.com
3	https://xvpn.io/download/vpn-mac	help@fluidattacks.com
4	https://xvpn.io/resources/statement-local-privilege-escalation-vulnerability	help@fluidattacks.com
5	https://fluidattacks.com/es/advisories/soad	134c704f-9b21-4f2e-91b3-4a467353bcc0

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-367	Time-of-check Time-of-use (TOCTOU) 競合状態	https://cwe.mitre.org/data/definitions/367.html