Description
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.2. An app may be able to access protected files within an App Sandbox container.
Published: 2026-01-09
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized access to protected files within an App Sandbox
Action: Apply Patch
AI Analysis

Impact

A permissions flaw in macOS allows a sandboxed application to bypass its intended containment and read protected files, undermining the basic isolation guarantees of the App Sandbox. The weakness is an access control defect (CWE-284): an application can reach beyond its allocated sandbox boundaries and read sensitive data that the system should shield.

Affected Systems

Apple macOS systems are affected. Versions prior to macOS Tahoe 26.2 lack the additional restrictions that fix the issue, while macOS Tahoe 26.2 and later contain the remediation.

Risk and Exploitability

The CVSS score of 5.5 indicates moderate severity, the EPSS score of less than 1% suggests a very low probability of exploitation at present, and the vulnerability is not listed in the CISA KEV catalog. Based on the description, the attack vector is likely local, requiring a user or process to launch or modify a sandboxed application to exploit the permissions defect. The potential impact is restricted to unauthorized file access rather than system-wide compromise or code execution.

Generated by OpenCVE AI on April 27, 2026 at 21:41 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update macOS to version 26.2 or later to apply the vendor patch that restricts sandbox permissions
  • Review and tighten app sandbox entitlements to limit file system access to only necessary directories
  • Monitor sandboxed application logs and access patterns for abnormal reads of protected files

Advisories

No advisories yet.

References
History

Mon, 27 Apr 2026 22:00:00 +0000

Type: Title
Values Removed: (none)
Values Added: Sandboxed application can access protected files due to permissions flaw

Wed, 14 Jan 2026 18:00:00 +0000

Type: CPEs
Values Removed: (none)
Values Added: cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Mon, 12 Jan 2026 17:15:00 +0000

Type: Weaknesses
Values Removed: (none)
Values Added: CWE-284

Type: Metrics
Values Removed: (none)
Values Added:
cvssV3_1: {'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N'}
ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 12 Jan 2026 14:45:00 +0000

Type: First Time appeared
Values Removed: (none)
Values Added: Apple; Apple macos; Apple macos Tahoe

Type: Vendors & Products
Values Removed: (none)
Values Added: Apple; Apple macos; Apple macos Tahoe

Fri, 09 Jan 2026 21:30:00 +0000

Type: Description
Values Removed: (none)
Values Added: A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.2. An app may be able to access protected files within an App Sandbox container.
References

MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:25:22.637Z

Reserved: 2025-04-22T21:13:49.959Z

Link: CVE-2025-46297

Vulnrichment

Updated: 2026-01-12T15:34:22.561Z

NVD

Status: Analyzed

Published: 2026-01-09T22:15:59.580

Modified: 2026-01-14T17:46:06.847

Link: CVE-2025-46297

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-27T21:45:14Z

Weaknesses