Description
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Tahoe 26.4. A malicious app may be able to break out of its sandbox.
Published: 2026-03-25
Score: 4 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Local Privilege Escalation via Sandbox Escape
Action: Update macOS
AI Analysis

Impact

A logic flaw in macOS allows a malicious application to escape its sandbox restrictions. By exploiting this flaw, an attacker could gain unauthorized access to system resources, potentially compromising confidentiality and integrity of data. The weakness relates to improper access control within the operating system sandboxing model.

Affected Systems

Apple macOS versions preceding the 26.4 release of macOS Tahoe are vulnerable. The issue was addressed in macOS Tahoe 26.4 and later revisions. Users running earlier releases are at risk.

Risk and Exploitability

The CVSS score of 4.0 indicates moderate severity, but the EPSS score of less than 1% suggests a low likelihood of widespread exploitation. The vulnerability was not reported in the CISA KEV catalog. Based on the description, the likely attack vector involves a locally running malicious application that attempts to bypass sandbox limits; this inference is drawn from the mention of a sandbox escape scenario.

Generated by OpenCVE AI on March 26, 2026 at 14:55 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update macOS to version 26.4 or later.

Generated by OpenCVE AI on March 26, 2026 at 14:55 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

References
Link Providers
https://support.apple.com/en-us/126794 cve-icon cve-icon
History

Thu, 26 Mar 2026 12:30:00 +0000

Type Values Removed Values Added
Title macOS Sandbox Breakout Vulnerability
Weaknesses CWE-284
CWE-285

Wed, 25 Mar 2026 22:00:00 +0000

Type Values Removed Values Added
Title macOS Sandbox Breakout Vulnerability
Weaknesses CWE-284
CWE-285

Wed, 25 Mar 2026 18:30:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Wed, 25 Mar 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 25 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Vendors & Products Apple
Apple macos

Wed, 25 Mar 2026 01:00:00 +0000

Type Values Removed Values Added
Description A logic issue was addressed with improved restrictions. This issue is fixed in macOS Tahoe 26.4. A malicious app may be able to break out of its sandbox.
References

Subscriptions

Apple Macos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:07:59.058Z

Reserved: 2026-03-03T16:36:03.968Z

Link: CVE-2026-28826

cve-icon Vulnrichment

Updated: 2026-03-25T15:06:03.273Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-25T01:17:07.790

Modified: 2026-03-25T20:52:35.763

Link: CVE-2026-28826

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-27T09:20:22Z

Weaknesses