CVE-2026-39118 is a macOS vulnerability that allows standard unprivileged users to disable or permanently deactivate endpoint security agents including Kandji MDM and CrowdStrike Falcon EDR. Technical details carry medium confidence pending confirmation from Apple and vendor advisories. Organizations with managed macOS fleets should audit agent health status immediately and monitor for patch release.