Description
This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Tahoe 26.3. An app with root privileges may be able to access private information.
Published: 2026-02-11
Score: 4.4 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Sensitive Information Disclosure
Action: Apply patch
AI Analysis

Impact

This vulnerability stems from insufficient redaction of sensitive data in macOS, which allows an application running with root privileges to read private information that should otherwise be protected. The flaw is a classic example of a weak access control (CWE‑284). The impact is the potential breach of confidentiality for user data residing on the system.

Affected Systems

Apple’s macOS is affected, specifically versions prior to the release of macOS Tahoe 26.3, which contains the necessary fix. Any build that does not include the 26.3 update may still expose private data to privileged applications.

Risk and Exploitability

The CVSS score of 4.4 indicates low to moderate severity, and the EPSS score of less than 1% implies a very low probability of exploitation. This vulnerability is not currently listed in the CISA KEV catalog. The likely attack vector requires an attacker to obtain root privileges on the target machine; once achieved, the attacker could read data that should be confined to non‑privileged processes. The overall risk therefore is limited to environments where root access can be leveraged, but the potential exposure of sensitive information warrants timely remediation.

Generated by OpenCVE AI on April 16, 2026 at 00:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade macOS to version 26.3 or later, which contains the fix for the redaction issue.
  • If an upgrade is not immediately feasible, restrict the use of root privileges for applications that handle sensitive information, ensuring they run with the least privilege necessary.
  • Enforce least privilege by disabling the root account or limiting sudo usage, and implement monitoring to detect privileged process activity that accesses sensitive data.

Generated by OpenCVE AI on April 16, 2026 at 00:53 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

References
Link Providers
https://support.apple.com/en-us/126348 cve-icon cve-icon
History

Thu, 16 Apr 2026 01:15:00 +0000

Type Values Removed Values Added
Title Improper Redaction Allows Root-Privileged Apps to Access Private Information in macOS

Thu, 19 Feb 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 18 Feb 2026 15:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-284

Fri, 13 Feb 2026 20:45:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Metrics cvssV3_1

{'score': 4.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N'}

Thu, 12 Feb 2026 09:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Vendors & Products Apple
Apple macos

Wed, 11 Feb 2026 23:15:00 +0000

Type Values Removed Values Added
Description This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Tahoe 26.3. An app with root privileges may be able to access private information.
References

Subscriptions

Apple Macos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:20:06.220Z

Reserved: 2025-11-11T14:43:07.857Z

Link: CVE-2026-20603

cve-icon Vulnrichment

Updated: 2026-02-18T14:34:43.996Z

cve-icon NVD

Status : Modified

Published: 2026-02-11T23:16:04.110

Modified: 2026-02-18T15:18:41.853

Link: CVE-2026-20603

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-16T01:00:19Z

Weaknesses