#cwe-648 主题 - Cyber Security Daily Radar

CVE-2026-9560

Privilege escalation via background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows attackers to execute arbitrary commands with elevated privileges via local IPC channel

💡 影响/原因: 原文内容（由于配额限制，未进行深度 LLM 分析）

🎯 建议动作: 建议根据原文自行评估

排序因子: 影响边界/网络设备 (+5) | Primary 数据源 (+3) | LLM 评分加成 (+0.4)

CVE-2026-41225

A vulnerability exists in iControl REST where a highly privileged, authenticated attacker with at least the Manager role can create configuration objects that allow running arbitrary commands. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

💡 影响/原因: 原文内容（由于配额限制，未进行深度 LLM 分析）

🎯 建议动作: 建议根据原文自行评估

排序因子: CVSS 严重风险 (9.1) (+4) | Primary 数据源 (+3) | LLM 评分加成 (+0.4)

Cyber Security Daily Radar

#cwe-648

Privilege escalation via background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows attackers to execute arbitrary commands with elevated privileges via local IPC...

A vulnerability exists in iControl REST where a highly privileged, authenticated attacker with at least the Manager role can create configuration objects that allow running arbi...