A vulnerability labeled as problematic has been found in Clash Verge Rev clash-verge-service-ipc up to 2.2.x . The affected element is an unknown function of the component IPC Endpoint . The manipulation results in incorrect permission assignment. This vulnerability was named CVE-2026-26422 . The attack needs to be approached locally. There is no available exploit. The affected component should be upgraded.