deafnews
Kaspersky GReAT has identified a remote code execution vulnerability in ExifTool for macOS. CVE-2026-3102 allows command injection via metadata in versions 13.49 and earlier. Updates are https://deafnews.it/en/article/exiftool-macos-nuova-rce-via-metadata-sistemi-a-rischio
ExifTool RCE: Kaspersky GReAT Uncovers macOS Command Injection via Metadata

CVE-2026-3102 impacts ExifTool versions 13.49 and earlier on macOS. The vulnerability allows for command injection within the SetMacOSTags function when using…

DeafNews
May 20 at 10:22amWeb