


Perceptive Security
SOC/SIEM Consultancy

An issue was discovered in Canonical Multipass for macOS before version 1.16.3 due to an incomplete fix for CVE-2025-5199. While the patch in version 1.16.0 upd…
Published:
27 May 2026 at 22:00:00
Alert date:
28 May 2026 at 15:02:45
Source:
nvd.nist.gov
Operating Systems, Cloud & Virtualization
CVE-2026-49237 affects Canonical Multipass for macOS before version 1.16.3 due to an incomplete fix for CVE-2025-5199. While the multipassd daemon binary ownership was updated to root:wheel in version 1.16.0, five auxiliary binaries (multipass, qemu-img, qemu-system-aarch64, qemu-system-x86_64, and sshfs_server) in /Library/Application Support/com.canonical.multipass/bin/ remain user-writable. The root LaunchDaemon configures a PATH that prioritizes this user-writable directory and invokes binaries by bare names. A local attacker can replace auxiliary binaries with malicious wrappers, causing malicious code to execute with root privileges when the daemon triggers them during routine operations like 'multipass launch', resulting in local privilege escalation.
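A defender can check for the condition described above by auditing the directory the root LaunchDaemon resolves bare command names from. The script below is an added example, not code from Canonical or from the advisory; the function name `audit_bin_dir` is hypothetical, and it assumes the expected safe state is root ownership with no group or world write bit.

```sh
#!/bin/sh
# Added example (not Canonical's code): audit a directory that a root daemon
# resolves bare command names from. An entry is a finding when a non-root user
# could replace it: wrong owner, or group/world-writable. The directory itself
# is included, since write access to it allows swapping the files inside.

# Directory named in the advisory.
MULTIPASS_BIN="/Library/Application Support/com.canonical.multipass/bin"

# audit_bin_dir DIR [OWNER]   (OWNER defaults to root; a numeric uid also works)
# Prints each finding via `ls -ld`. Returns 0 = clean, 1 = findings, 2 = no DIR.
audit_bin_dir() {
    dir=$1
    owner=${2:-root}
    if [ ! -d "$dir" ]; then
        echo "not a directory: $dir" >&2
        return 2
    fi
    # Symlinks are exempt from the mode test only (their mode bits are not
    # meaningful), but are still checked for ownership.
    findings=$(find "$dir" -maxdepth 1 \
        \( ! -user "$owner" -o \
           \( ! -type l \( -perm -020 -o -perm -002 \) \) \) -print)
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings" | while IFS= read -r entry; do
        ls -ld "$entry"
    done
    return 1
}
```

Call `audit_bin_dir "$MULTIPASS_BIN"` on a Mac with Multipass installed; any line printed is an entry that an account other than root can replace.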
Affected products:
Canonical Multipass for macOS
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2026-49237
https://github.com/canonical/multipass/security/advisories/GHSA-r2xg-x32f-23c5
This article was created with the assistance of AI technology by Perceptive.
