Description
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A malicious app may be able to break out of its sandbox.
Published: 2026-05-11
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A permissions issue was discovered in macOS that could allow a malicious application to escape its sandbox, potentially giving it unauthorized access to protected resources. The weakness is an improper access control flaw, analogous to CWE‑284, where the operating system fails to enforce expected permission boundaries. Such an escape can lead to loss of confidentiality, integrity, or availability for the compromised system.

Affected Systems

The vulnerability affects macOS releases older than Sequoia 15.7.7, Sonoma 14.8.7, and Tahoe 26.5 respectively. Systems running those older releases are exposed until updated.

Risk and Exploitability

The exploit path requires a malicious sandboxed application that can leverage the permissions issue to break out. EPSS score is < 1% and the vulnerability is not listed in CISA KEV, yet sandbox escape constitutes a high‑risk attack vector. While no public exploit exists yet, the flaw’s nature suggests that it could be operational in advanced threat campaigns once an exploit is developed. The CVSS score is 8.8, indicating high severity, and the impact remains significant. Systems running macOS releases older than the patched releases are exposed.

Generated by OpenCVE AI on May 13, 2026 at 13:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update macOS to the patched versions Sequoia 15.7.7, Sonoma 14.8.7, or Tahoe 26.5
  • Reboot the system after installing the update to activate the new access control restrictions
  • Review and tighten application sandbox configurations to ensure that no elevation of privilege can occur beyond what is strictly necessary

Generated by OpenCVE AI on May 13, 2026 at 13:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 13 May 2026 15:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Wed, 13 May 2026 14:15:00 +0000

Type Values Removed Values Added
Title Permissions issue allows malicious app to escape sandbox on macOS

Wed, 13 May 2026 12:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H'}

Wed, 13 May 2026 11:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 11 May 2026 23:30:00 +0000

Type Values Removed Values Added
Title Permissions issue allows malicious app to escape sandbox on macOS
First Time appeared Apple
Apple macos
Weaknesses CWE-284
Vendors & Products Apple
Apple macos

Mon, 11 May 2026 20:45:00 +0000

Type Values Removed Values Added
Description A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A malicious app may be able to break out of its sandbox.
References

Subscriptions

Apple Macos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-05-13T12:06:11.860Z

Reserved: 2026-03-03T16:36:03.993Z

Link: CVE-2026-28978

cve-icon Vulnrichment

Updated: 2026-05-13T10:03:08.598Z

cve-icon NVD

Status : Analyzed

Published: 2026-05-11T21:18:58.320

Modified: 2026-05-13T14:34:55.460

Link: CVE-2026-28978

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-13T14:00:13Z

Weaknesses