Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
8.5
iBoysoft NTFS for Mac: Unauthenticated Root Access via Local Service
CVE-2026-2637
Summary
A critical issue in iBoysoft NTFS for Mac allows an attacker with local access to gain root privileges without a password. This means an attacker can potentially take control of the entire system. Users should update to the latest version of the software to fix this issue.
Original title
iBoysoft NTFS for Mac contains a local privilege escalation vulnerability in its privileged helper daemon ntfshelperd. The daemon exposes an NSConnection service that runs as root without implement...
Original description
iBoysoft NTFS for Mac contains a local privilege escalation vulnerability in its privileged helper daemon ntfshelperd. The daemon exposes an NSConnection service that runs as root without implementing any authentication or authorization checks.
This issue affects iBoysoft NTFS: 8.0.0.
This issue affects iBoysoft NTFS: 8.0.0.
nvd CVSS4.0
8.5
Vulnerability type
CWE-732
Incorrect Permission Assignment for Critical Resource
Published: 3 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026