A permissions flaw in macOS Tahoe allows an application to read protected user data that it should not be able to access. The defect lies in insufficient enforcement of authorization controls, leading to an unintended elevation of privileges for the app. Because of this, sensitive files or data that are normally guarded by the system may be read or copied, compromising confidentiality of user information. The weakness is identified as CWE‑284.

The vulnerability affects Apple macOS prior to the release of macOS Tahoe version 26. All earlier versions that did not receive the additional restrictions applied in the 26 update are susceptible. Users still running those earlier releases are at risk until they upgrade to macOS Tahoe 26 or later. The issue is specific to the operating system itself and does not apply to third‑party extensions or applications outside the core OS.

The CVSS score of 5.5 indicates a medium risk level. The EPSS score is below 1 percent, suggesting that exploitation is unlikely at this time. The vulnerability is not listed in the CISA KEV catalog. Because the flaw arises from weakened permission checks within the OS, an attacker would need to run or install a malicious application on the target machine. The attack vector is therefore most likely local or via an app that has been inadvertently installed by the user. Unless an attacker can already execute code under a user context, the vulnerability cannot be abused remotely.