HIGH
mullvad
CVE published 2026-05-19
CVE-2026-32323
Published on 2026-05-19, CVE-2026-32323 affects Mullvad VPN on macOS versions 2026.1 and earlier. During installation or upgrade, the installer can execute binaries from /Applications/Mullvad VPN.app without first confirming that the bundle is legitimate or attacker-controlled. A user in the admin group may be able to pre-place a crafted application bundle at that path and obtain code execution as root. M [truncated]