CVE-2026-3102 is a critical command injection vulnerability in ExifTool versions 13.49 and earlier on macOS. By embedding a malicious payload in an image's metadata and forcing ExifTool to copy it to the FileCreateDate tag using specific flags, an attacker can execute arbitrary shell commands with the privileges of the invoking user.