CVE-2026-6891

Improper handling of symbolic links in the installer of My Image Garden for macOS Version 3.6.8 or earlier may allow a local attacker with login…

MEDIUMMonitor

Published:May 29, 2026(3 days ago)

Modified:May 29, 2026

Local AccessLow Complexity

Vulnerability Description

Improper handling of symbolic links in the installer of My Image Garden for macOS Version 3.6.8 or earlier may allow a local attacker with login privileges to exploit a specially crafted symbolic link during installation to modify permissions of files for which they would not normally have authorization.

Attack Characteristics

Local AccessLow ComplexityLow PrivilegesUser Interaction Required

🤖

AI analysis not yet available

Plain-English explanation, risk summary, and remediation steps will appear here once AI analysis is complete.

Timeline

Published
CVE disclosed publicly
May 29, 20263 days ago
Last Modified
Most recent update
May 29, 20263 days ago
Indexed to CVEInsight
Added to this platform
May 29, 20263 days ago

References

https://canon.jp/support/support-info/260528-2vulnerability-response
https://psirt.canon/advisory-information/cp2026-004/
https://www.canon-europe.com/support/product-security/
https://www.usa.canon.com/support/canon-product-advisories/CPA2026-004...

CVSS Score

v3.1

5.0/ 10.0

MEDIUM

AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

At a Glance

Affected Products

References

CVE-2026-6891

Vulnerability Description

Attack Characteristics

Timeline

References

CVSS Score

At a Glance

Official Sources

CVSS v3 Vector

Impact Analysis

CVE-2026-6891

✦ Vulnerability Description

Attack Characteristics

Timeline

References

CVSS Score

At a Glance

Official Sources

CVSS v3 Vector

Impact Analysis

Vulnerability Description