File-Access Policy Bypass in ClearanceKit on macOS
CVE-2026-34218
6.3MEDIUM
What is CVE-2026-34218?
ClearanceKit, a tool for enforcing per-process file-access policies on macOS, contained defects that exposed a security flaw prior to version 4.2.14. During its startup, it only enforced a single compile-time baseline rule, failing to apply managed and user-defined file-access rules. This lapse necessitated user interaction with the GUI to trigger policy enforcement, which left the file system vulnerable until such interaction occurred. This vulnerability has been addressed in version 4.2.14.
Affected Version(s)
clearancekit < 4.2.14