CVE-2026-3102: The Photo That Pwns Your Mac

CVE-2026-3102 is a macOS-specific remote code execution vulnerability in ExifTool (fixed in v13.50) that allows shell commands embedded in image metadata DateTimeOriginal to execute when ExifTool is invoked with the -n/--printConv flag; it endangers automated, unattended image-processing pipelines and bundled/embedded copies of ExifTool and can be used to deploy stealthy trojans or infostealers. Immediate actions: update ExifTool to 13.50+, audit for embedded copies, remove or scope the -n flag, isolate untrusted file processing, and monitor for anomalous child processes and outbound connections.