Description
A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26.1. An app may be able to break out of its sandbox.
Published: 2025-11-04
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Sandbox escape
Action: Patch Immediately
AI Analysis

Impact

A race condition in macOS allows an application to break out of its sandbox, potentially giving the app unauthorized access to the system. The flaw stems from a concurrency issue classified as CWE‑362. Once an app escapes the sandbox, it could read or alter files, misconfigure system settings, or launch additional malicious processes, thereby compromising confidentiality, integrity, and availability of the affected machine.

Affected Systems

Apple macOS is affected. The vulnerability applies to versions prior to macOS Sequoia 15.7, macOS Sonoma 14.8, and macOS Tahoe 26.1. All earlier releases of these macOS lines are potentially vulnerable.

Risk and Exploitability

The CVSS score of 7.8 indicates a high severity, while the EPSS score of less than 1% suggests a low likelihood of exploitation at present. The vulnerability is not listed in the CISA KEV catalog. Based on the description, the race condition likely requires a local attacker or an application with a pre‑existing code execution vector to trigger the sandbox escape.

Generated by OpenCVE AI on April 28, 2026 at 10:26 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install macOS Sequoia 15.7, macOS Sonoma 14.8, or macOS Tahoe 26.1 and any subsequent updates from Apple Software Update
  • Apply all available security updates immediately to ensure the race condition is patched
  • Reboot the system after installing the updates to apply the new sandbox enforcement mechanisms

Generated by OpenCVE AI on April 28, 2026 at 10:26 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 28 Apr 2026 10:45:00 +0000

Type Values Removed Values Added
Title Race Condition Allows Sandbox Escape in macOS, Resolved in Sequoia 15.7, Sonoma 14.8, Tahoe 26.1

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Description A race condition was addressed with additional validation. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to break out of its sandbox. A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26.1. An app may be able to break out of its sandbox.
References

Tue, 04 Nov 2025 19:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Tue, 04 Nov 2025 18:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-362
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 04 Nov 2025 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Apple macos Sequoia
Apple macos Sonoma
Vendors & Products Apple
Apple macos
Apple macos Sequoia
Apple macos Sonoma

Tue, 04 Nov 2025 01:45:00 +0000

Type Values Removed Values Added
Description A race condition was addressed with additional validation. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to break out of its sandbox.
References

Subscriptions

Apple Macos Macos Sequoia Macos Sonoma
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:23:05.548Z

Reserved: 2025-04-16T15:24:37.113Z

Link: CVE-2025-43364

cve-icon Vulnrichment

Updated: 2025-11-04T18:04:55.808Z

cve-icon NVD

Status : Modified

Published: 2025-11-04T02:15:43.930

Modified: 2026-04-02T19:20:34.013

Link: CVE-2025-43364

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T10:30:29Z

Weaknesses