GHSA-5m7x-g9jc-x5g7HighCVSS 8.4
clash-verge-service-ipc before 2.3.0 has a world-reachable IPC endpoint, leading to local...
🔗 CVE IDs covered (1)
📋 Description
clash-verge-service-ipc before 2.3.0 has a world-reachable IPC endpoint, leading to local privilege escalation.
🔗 References (5)
- https://nvd.nist.gov/vuln/detail/CVE-2026-26422
- https://github.com/clash-verge-rev/clash-verge-rev/commit/3bbcdbe5caacc2ffb713af69f2c93e202573f918
- https://github.com/clash-verge-rev/clash-verge-service-ipc/releases/tag/v2.3.0
- https://kaguranaku.me/posts/CVE-2026-26422
- https://github.com/advisories/GHSA-5m7x-g9jc-x5g7