Description
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A malicious app may be able to break out of its sandbox.
Published: 2026-05-11
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A logging oversight in macOS permits insufficient data redaction, and based on the description it is inferred that a malicious application can exploit this by interacting with the logging subsystem to escape its sandbox. The resulting sandbox escape allows the app to access or modify resources beyond its intended boundaries, jeopardizing confidentiality and integrity on the system and providing a privilege‑escalation pathway.

Affected Systems

Apple macOS systems running any version prior to the fixes are affected. The issue is addressed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, and macOS Tahoe 26.5, so any older release of each series remains vulnerable. Systems that rely on the default logging configuration and have not yet applied the updated releases are at risk.

Risk and Exploitability

The CVSS score of 8.8 indicates a high‑severity vulnerability, while the EPSS score of < 1 % suggests an extremely low likelihood of exploitation. The absence of a KEV listing indicates that exploitation has not yet been observed publicly. Based on the description, the attack likely requires a malicious app that can interact with the logging subsystem—an attainable vector for threat actors deploying malware on macOS. Upgrading to the impacted releases is the definitive mitigation.

Generated by OpenCVE AI on May 12, 2026 at 17:33 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to the latest macOS releases that contain the fix (Sequoia 15.7.7, Sonoma 14.8.7, or Tahoe 26.5).
  • If an upgrade cannot be performed immediately, restrict the rights of untrusted applications and monitor for anomalous logging behavior.
  • Apply any additional Apple security updates as they become available to further harden sandbox enforcement.

Generated by OpenCVE AI on May 12, 2026 at 17:33 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 12 May 2026 18:00:00 +0000

Type Values Removed Values Added
Title Logging Redaction Flaw That Enables Sandbox Escape in macOS

Tue, 12 May 2026 17:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Tue, 12 May 2026 15:45:00 +0000

Type Values Removed Values Added
Title Logging Redaction Oversight Enabling Sandbox Escalation on macOS
Weaknesses CWE-285
CWE-640

Tue, 12 May 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

 cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 12 May 2026 13:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-532
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 11 May 2026 22:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Vendors & Products Apple
Apple macos

Mon, 11 May 2026 22:30:00 +0000

Type Values Removed Values Added
Title Logging Redaction Oversight Enabling Sandbox Escalation on macOS
Weaknesses CWE-285
CWE-640

Mon, 11 May 2026 20:45:00 +0000

Type Values Removed Values Added
Description A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A malicious app may be able to break out of its sandbox.
References

Subscriptions

Apple Macos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-05-13T03:57:45.537Z

Reserved: 2026-03-03T16:36:03.987Z

Link: CVE-2026-28923

cve-icon Vulnrichment

Updated: 2026-05-12T13:06:23.655Z

cve-icon NVD

Status : Analyzed

Published: 2026-05-11T21:18:54.627

Modified: 2026-05-12T17:24:58.797

Link: CVE-2026-28923

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-12T17:45:20Z

Weaknesses