← back
CVE-2026-2637

CVE-2026-2637

CVSS 8.5 HIGHEPSS 0.2%CWE-732
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.5EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
03 Mar 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
iBoysoft NTFS for Mac contains a local privilege escalation vulnerability in its privileged helper daemon ntfshelperd. The daemon exposes an NSConnection service that runs as root without implementing any authentication or authorization checks. This issue affects iBoysoft NTFS: 8.0.0.
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
iBoysoft · iBoysoft NTFS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://fluidattacks.com/advisories/cuartetohttps://iboysoft.com/ntfs-for-mac/