CyberRota
← Ana sayfaya dön

CVE-2026-49135

HIGH · CVSS 7.1 EPSS %0.13 Public Exploit

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-01T21:16:46.497 · Çekilme zamanı: 2026-06-30T12:06:44.738685+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

Public Exploit Sinyali

Bu CVE için açıklama veya referanslarda public exploit / PoC / GitHub / Metasploit sinyali tespit edildi.

Tespit Edilen Sinyaller
exploit
GitHub PoC Linkleri
github.com github.com github.com

Not: Bu bağlantılar yalnızca güvenlik araştırması ve doğrulama amacıyla listelenmiştir.

CVE
CVE-2026-49135
Severity
HIGH
CVSS
7.1
EPSS
%0.13

Orijinal NVD Açıklaması

CodexBar prior to 0.32.0 contains an insecure temporary file handling vulnerability that allows local attackers to access sensitive credentials or tamper with build artifacts by exploiting predictable file paths in the release notarization workflow. Attackers with access to the same host can read the App Store Connect API key written to a fixed path, pre-create files or symbolic links at predictable locations to redirect writes to attacker-controlled destinations, or tamper with notarization archives before submission.