EIP-2026-103379

PRE-CVE

Proxifier for Mac 2.18 - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-103379. PoCs published by Securify.

AI-analyzed exploit summary The exploit demonstrates multiple local privilege escalation vulnerabilities in Proxifier's KLoader binary due to unsanitized PATH environment variables and command injection via command-line arguments. It allows arbitrary command execution and loading of malicious kernel extensions.

Description

Proxifier for Mac 2.18 - Multiple Vulnerabilities

Exploits (1)

exploitdb WORKING POC

by Securify · textlocalmacos

https://www.exploit-db.com/exploits/41853

View Code ZIP pw:eip

The exploit demonstrates multiple local privilege escalation vulnerabilities in Proxifier's KLoader binary due to unsanitized PATH environment variables and command injection via command-line arguments. It allows arbitrary command execution and loading of malicious kernel extensions.

Classification

Working Poc 100%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: Proxifier for Mac v2.18

No auth needed

Prerequisites: Local access to the system · Proxifier for Mac v2.18 installed

MITRE ATT&CK

T1548.001 - Setuid and Setgid T1059.004 - Unix Shell T1547.006 - Kernel Modules and Extensions

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026