clash-verge-service-ipc before 2.3.0 has a world-reachable IPC endpoint, leading to local privilege escalation.Referenceshttps://github.com/clash-verge-rev/clash-verge-rev/commit/3bbcdbe5caacc2ffb713af69f2c93e202573f918https://kaguranaku.me/posts/CVE-2026-26422/https://github.com/clash-verge-rev/clash-verge-service-ipc/releases/tag/v2.3.0
