A permissions issue in macOS permits applications to escape their sandbox boundaries, potentially enabling them to execute code or access resources beyond the intended restriction. The flaw stems from insufficient sandbox controls that allow an app to gain elevated privileges or access protected system data, leading to unauthorized data exposure or modification. This vulnerability is identified as a sandbox escape, a type of privilege escalation that compromises application isolation.

Apple macOS is affected, specifically releases prior to macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, and macOS Tahoe 26.4. The issue exists in all earlier macOS builds referenced by the common platform enumeration for Apple macOS. End‑users running versions before these patch releases should be considered vulnerable.

The CVSS base score of 5.3 indicates moderate severity, while the EPSS score of less than 1 % suggests a low likelihood of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog. Exploitation would likely require delivering a malicious or crafted application that abuses the weakened sandbox restrictions, and the attack vector is inferred to be local or application‑hosted. No public exploit is currently documented, but the plausibility of sandbox escape warrants caution.