CVE-2026-2637

High CVSS: 8.5

iBoysoft NTFS for Mac contains a local privilege escalation vulnerability in its privileged helper daemon ntfshelperd. The daemon exposes an NSConnection service that runs as root without implementing any authentication or authorization checks.

This issue affects iBoysoft NTFS: 8.0.0.

Vendor

Product

CWE

CWE-732

Yayın Tarihi

2026-03-03 15:16:20

Güncelleme

2026-03-03 21:52:29

Source Identifier

help@fluidattacks.com

KEV Date Added

Kategoriler

CWE-732 HIGH 2026

Referanslar

https://fluidattacks.com/advisories/cuarteto https://iboysoft.com/ntfs-for-mac/