CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-55076

A local privilege escalation vulnerability exists in the InstallationHelper service included with Plugin Alliance Installation Manager v1.4.0 for macOS. The service accepts unauthenticated XPC connections and executes input via system(), which may allow a local user to execute arbitrary commands with root privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 1.9%

CVSS Severity

CVSS v3 Score 6.2

References

https://almightysec.com/plugin-alliance-helpertool-xpc-service-local-privilege-escalation/

Products affected by CVE-2025-55076

Plugin-Alliance » Installation Manager » Version: 1.4.0

cpe:2.3:a:plugin-alliance:installation_manager:1.4.0
Apple » Macos » Version: N/A

cpe:2.3:o:apple:macos:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-55076

Products

Pricing

Contact Us