Description
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Tahoe 26.3. An app may be able to gain root privileges.
Published: 2026-02-11
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Root Privilege Escalation
Action: Immediate Patch
AI Analysis

Impact

This vulnerability arises from insufficient validation of symbolic links, enabling an application to execute arbitrary code with elevated privileges. The flaw can lead to full root access, allowing an attacker to compromise the entire system. The weakness corresponds to CWE-59 (Improper Link Resolution Before File Access, 'Link Following'), in which a privileged component follows a path without checking whether it resolves through an attacker-controlled symbolic link.

Affected Systems

Apple macOS is affected. The vulnerability exists in all releases prior to macOS Tahoe 26.3. Users running earlier macOS versions are susceptible until they upgrade to 26.3 or later.

Risk and Exploitability

The CVSS score of 7.8 indicates high severity, but the EPSS score of less than 1% suggests a very low exploitation probability. The vulnerability is not listed in CISA's KEV catalog, further implying limited active exploitation. Attackers would need local application execution; thus the most likely vector is a malicious or compromised local program that can manipulate symbolic links.

Generated by OpenCVE AI on April 15, 2026 at 21:09 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade macOS to version 26.3 or later to receive the symlink handling fix
  • If an upgrade cannot be performed immediately, restrict or sandbox applications that create or modify symbolic links to limit their ability to gain elevated privileges
  • Monitor system logs for signs of privilege escalation attempts and apply additional access controls as needed

Advisories

No advisories yet.

History

Wed, 15 Apr 2026 21:30:00 +0000
  Title: macOS Privilege Escalation via Improper Symlink Handling

Fri, 13 Feb 2026 16:00:00 +0000
  CPEs: cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Thu, 12 Feb 2026 15:15:00 +0000
  Weaknesses: CWE-59
  Metrics:
    cvssV3_1: {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}
    ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 12 Feb 2026 09:45:00 +0000
  First Time appeared: Apple, Apple macos
  Vendors & Products: Apple, Apple macos

Wed, 11 Feb 2026 23:15:00 +0000
  Description: This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Tahoe 26.3. An app may be able to gain root privileges.
  References

MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:07:36.433Z

Reserved: 2025-11-11T14:43:07.858Z

Link: CVE-2026-20610

Vulnrichment

Updated: 2026-02-12T14:53:18.184Z

NVD

Status: Analyzed

Published: 2026-02-11T23:16:04.643

Modified: 2026-02-13T15:45:52.137

Link: CVE-2026-20610

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-15T21:15:13Z

Weaknesses