Description
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Tahoe 26.4. A document may be written to a temporary file when using print preview.
Published: 2026-03-25
Score: 3.3 Low
EPSS: < 1% Very Low
KEV: No
Impact: Privacy Disclosure
Action: Patch
AI Analysis

Impact

The flaw lies in how macOS handles temporary files during the print preview process. A document is written to a temporary file, and if the file is not properly protected or cleaned up, an attacker could read it, exposing potentially sensitive information. This weakness leads to an information disclosure vulnerability.

Affected Systems

Apple’s macOS versions released before macOS Tahoe 26.4 are affected. The issue was addressed in macOS Tahoe 26.4 and later releases.

Risk and Exploitability

The overall severity is low, with a CVSS score of 3.3 and an EPSS score of less than 1%, indicating a very small likelihood of exploitation. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog. Based on the description, the attack vector is inferred to be local; an attacker would need the ability to trigger a print preview on the target machine. No public exploits have been reported, so the risk remains modest.

Generated by OpenCVE AI on March 25, 2026 at 20:51 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to macOS 26.4 or later, ensuring that system updates include the fix for temporary file handling.
  • Verify that temporary files created by print preview are stored securely and deleted promptly after use.
  • If an update cannot be applied immediately, avoid using the print preview feature in untrusted or shared environments until the patch is installed.

Generated by OpenCVE AI on March 25, 2026 at 20:51 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

References
Link Providers
https://support.apple.com/en-us/126794 cve-icon cve-icon
History

Wed, 25 Mar 2026 22:00:00 +0000

Type Values Removed Values Added
Title Temporary File Disclosure in macOS Print Preview

Wed, 25 Mar 2026 19:45:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Metrics cvssV3_1

{'score': 3.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N'}

Wed, 25 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Vendors & Products Apple
Apple macos

Wed, 25 Mar 2026 01:00:00 +0000

Type Values Removed Values Added
Description A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Tahoe 26.4. A document may be written to a temporary file when using print preview.
References

Subscriptions

Apple Macos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:10:26.337Z

Reserved: 2026-03-03T16:36:03.981Z

Link: CVE-2026-28893

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2026-03-25T01:17:12.777

Modified: 2026-03-27T20:16:27.633

Link: CVE-2026-28893

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-25T20:56:44Z

Weaknesses