Tunnelblick 3.5beta06 before 7.0, when incompletely uninstalled, allows attackers to execute arbitrary code as root (upon the next boot) by dragging a crafted Tunnelblick.app file into /Applications.Referenceshttps://tunnelblick.net/downloads.htmlhttps://tunnelblick.net/cCVE-2025-43711.html
