VDB

CISA-2026-28823

CISA-2026-28823 PUBLISHED CVSS 4.9 MEDIUM

Reported by apple · Published March 25, 2026

A path handling issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.4. An app with root privileges may be able to delete protected system files.

Risk Scores

CVSS 3.1
4.9
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Affected Products

VendorProductVersions
ApplemacOS0
ApplemacOS0, 0

Timeline

  • Mar 25, 2026 CVE Published
  • Mar 25, 2026 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›