CVE-2025-10906 | Magnetism Studios Endurance up to 3.3.0 on macOS NSXPC Interface com.MagnetismStudios.endurance.helper loadModuleNamed:WithReply missing authentication

September 24, 2025 Yanac

A vulnerability categorized as critical has been discovered in Magnetism Studios Endurance up to 3.3.0 on macOS. This affects the function loadModuleNamed:WithReply of the file /Applications/Endurance.app/Contents/Library/LaunchServices/com.MagnetismStudios.endurance.helper of the component NSXPC Interface. Executing manipulation can lead to missing authentication.

This vulnerability is registered as CVE-2025-10906. The attack needs to be launched locally. Furthermore, an exploit is available.VulDB Recent EntriesRead More