{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T09:36:04.459","vulnerabilities":[{"cve":{"id":"CVE-2026-2637","sourceIdentifier":"help@fluidattacks.com","published":"2026-03-03T15:16:20.950","lastModified":"2026-04-27T13:12:44.317","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"iBoysoft NTFS for Mac contains a local privilege escalation vulnerability in its privileged helper daemon ntfshelperd. The daemon exposes an NSConnection service that runs as root without implementing any authentication or authorization checks.\n\nThis issue affects iBoysoft NTFS: 8.0.0."},{"lang":"es","value":"iBoysoft NTFS para Mac contiene una vulnerabilidad de escalada de privilegios local en su demonio auxiliar privilegiado ntfshelperd. El demonio expone un servicio NSConnection que se ejecuta como root sin implementar ninguna comprobación de autenticación o autorización.\n\nEste problema afecta a iBoysoft NTFS: 8.0.0."}],"metrics":{"cvssMetricV40":[{"source":"help@fluidattacks.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"help@fluidattacks.com","type":"Primary","description":[{"lang":"en","value":"CWE-732"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:iboysoft:ntfs_for_mac:8.0:*:*:*:*:*:*:*","matchCriteriaId":"53C6FBA4-0B4F-4E1B-80B0-D15E5A521C79"}]}]}],"references":[{"url":"https://fluidattacks.com/advisories/cuarteto","source":"help@fluidattacks.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://iboysoft.com/ntfs-for-mac/","source":"help@fluidattacks.com","tags":["Product"]}]}}]}