CVE-2026-39118 is a reported privilege-related vulnerability in the Kandji MDM agent on macOS that allegedly allows standard users without administrative rights to disable Kandji MDM and CrowdStrike Falcon EDR. This vulnerability has been publicly disclosed by XM Cyber researchers but has not been independently confirmed by Kandji or Apple, and no patch is confirmed available as of June 26, 2026. All technical specifics should be validated against vendor advisories before acting.