CVE-2026-39118 is a high-severity macOS vulnerability (CVSS 7.8) that allows a standard non-privileged user to disable or deactivate endpoint security agents, specifically the Kandji MDM agent and CrowdStrike Falcon EDR, via an XPC service trust flaw. The EPSS score of 0.00118 at the 2nd percentile indicates low observed exploitation activity at time of scoring, but the defensive implications of silent security tool removal make this a priority for any organization relying on these agents for macOS endpoint visibility. Full technical specifics and confirmed patch status require validation against Apple and vendor primary advisories.