CVE-2026-6891

Severity CVSS v4.0:
MEDIUM
Type:
CWE-59 Link Following
Publication date:
29/05/2026
Last modified:
29/05/2026

Description

Improper handling of symbolic links in the installer of My Image Garden for macOS Version 3.6.8 or earlier may allow a local attacker with login privileges to exploit a specially crafted symbolic link during installation to modify permissions of files for which they would not normally have authorization.