Description
A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to delete files for which it does not have permission.
Published: 2026-03-25
Score: 4 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized File Deletion
Action: Apply Patch
AI Analysis

Impact

A path handling issue in macOS enables an application to delete files for which it does not have permission, a form of informal privilege escalation. The weakness aligns with the CWE-22 classification, describing an improper handling of file paths that can lead to unauthorized file removal. According to the documentation, the flaw has been resolved with stricter validation routines.

Affected Systems

Apple macOS is affected. According to the advisory, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, and macOS Tahoe 26.4 contain the fix. Older macOS releases prior to these versions are potentially vulnerable.

Risk and Exploitability

The CVSS base score is 4 and the EPSS score is below 1 %, indicating a moderate severity and low likelihood of exploitation. The vulnerability is not listed in CISA’s KEV catalog. While the description does not state the attack vector explicitly, it is inferred to be local, requiring an application to supply a crafted path. An attacker could delete critical system or user files if they can run an app with sufficient privileges, but the low EPSS suggests this exploit is not widely observed.

Generated by OpenCVE AI on March 26, 2026 at 18:29 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, or macOS Tahoe 26.4 to remove the path handling flaw.
  • Verify that applications can no longer delete files outside their own directories.

Generated by OpenCVE AI on March 26, 2026 at 18:29 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 27 Mar 2026 09:30:00 +0000

Type Values Removed Values Added
Title Path Traversal Allows Unauthorized File Deletion in macOS

Thu, 26 Mar 2026 17:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Thu, 26 Mar 2026 15:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-22
Metrics cvssV3_1

{'score': 4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 26 Mar 2026 12:30:00 +0000

Type Values Removed Values Added
Title Path Handling Issue Allowing Unauthorized File Deletion in macOS
Weaknesses CWE-20
CWE-22

Wed, 25 Mar 2026 22:00:00 +0000

Type Values Removed Values Added
Title Path Handling Issue Allowing Unauthorized File Deletion in macOS
Weaknesses CWE-20
CWE-22

Wed, 25 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Vendors & Products Apple
Apple macos

Wed, 25 Mar 2026 01:00:00 +0000

Type Values Removed Values Added
Description A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to delete files for which it does not have permission.
References

Subscriptions

Apple Macos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:12:27.328Z

Reserved: 2026-03-03T16:36:03.967Z

Link: CVE-2026-28816

cve-icon Vulnrichment

Updated: 2026-03-26T14:34:43.913Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-25T01:17:06.870

Modified: 2026-03-26T17:19:57.653

Link: CVE-2026-28816

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-27T09:20:09Z

Weaknesses