A security researcher has decided to provide Apple with details — and a patch — for a serious Keychain flaw in macOS Mojave that allows anyone to access your saved usernames and passwords.

Linus Henze previously withheld the information in protest of Apple’s decision not to offer a macOS bug bounty program. He now believes the problem is too serious for the company to ignore.

A new flaw discovered in macOS Mojave puts your sensitive Keychain data at risk.

One security researcher has demonstrated an exploit that could allow anyone to access saved usernames and passwords without administrator access. He won’t share the details with Apple, however, because there is no reward on offer.