CVE-2025-9815

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-9815
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-9815.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-9815
Published
2025-09-02T05:15:39.967Z
Modified
2026-03-14T15:05:30.187592Z
Severity
  • 7.1 (High) CVSS_V4 - CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X CVSS Calculator
Summary
[none]
Details

A weakness has been identified in alaneuler batteryKid up to 2.1 on macOS. The affected element is an unknown function of the file PrivilegeHelper/PrivilegeHelper.swift of the component NSXPCListener. This manipulation causes missing authentication. It is possible to launch the attack on the local host. The exploit has been made available to the public and could be exploited.

References

Affected packages

Git / github.com/alaneuler/batterykid

Affected ranges

Type
GIT
Repo
https://github.com/alaneuler/batterykid
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
f163b4a5c3c9b244b841c60483932a77c8849b5a
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.1"
        }
    ]
}

Affected versions

v1.*
v1.0.0
v1.0.1
v1.1.0
v1.1.1
v2.*
v2.0
v2.1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-9815.json"