Summaryinfo

A vulnerability classified as critical was found in Apple macOS up to 26.3. Impacted is an unknown function of the component App. Such manipulation leads to sandbox. This vulnerability is referenced as CVE-2026-28826. The attack can only be performed from a local environment. No exploit is available. Upgrading the affected component is advised.

Detailsinfo

A vulnerability was found in Apple macOS up to 26.3 and classified as critical. Affected by this issue is an unknown function of the component App. The manipulation with an unknown input leads to a sandbox vulnerability. Using CWE to declare the problem leads to CWE-265. Impacted is confidentiality, integrity, and availability. CVE summarizes:

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Tahoe 26.4. A malicious app may be able to break out of its sandbox.

The advisory is shared for download at support.apple.com. This vulnerability is handled as CVE-2026-28826 since 03/03/2026. The exploitation is known to be easy. The attack needs to be approached locally. There are neither technical details nor an exploit publicly available. The current price for an exploit might be approx. USD $0-$5k (estimation calculated on 03/29/2026). The MITRE ATT&CK project declares the attack technique as T1611.

Upgrading to version 26.4 eliminates this vulnerability.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Productinfo

Type

• Operating System

Vendor

• Apple

Name

• macOS

Version

• 26.0
• 26.1
• 26.2
• 26.3

License

• commercial

Website

• Vendor: https://www.apple.com/

CPE 2.3info

• 🔒
• 🔒
• 🔒

CPE 2.2info

• 🔒
• 🔒
• 🔒

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion