VDB
CISA-2026-28823
CISA-2026-28823
PUBLISHED
CVSS 4.9 MEDIUM
Reported by apple · Published March 25, 2026
A path handling issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.4. An app with root privileges may be able to delete protected system files.
Risk Scores
CVSS 3.1
4.9
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | macOS | 0 |
| Apple | macOS | 0, 0 |
Timeline
- Mar 25, 2026 CVE Published
- Mar 25, 2026 CVE Updated