Severity by source
AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
4DescriptionCVE.org
A permissions issue was addressed with additional restrictions. This issue is fixed in Xcode 26.4. An app may be able to read arbitrary files as root.
AnalysisAI
A permissions bypass vulnerability in Apple Xcode allows unprivileged applications to read arbitrary files with root-level privileges due to insufficient access controls. The vulnerability affects Xcode versions prior to 26.4 and could enable attackers to exfiltrate sensitive system files or configuration data. While no CVSS score or EPSS data is currently published, the ability to read arbitrary files as root represents a critical privilege escalation issue that warrants immediate patching.
Technical ContextAI
This vulnerability represents a permissions enforcement failure in Apple Xcode, the integrated development environment used for macOS and iOS development. The affected product is identified via CPE as cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*, covering all versions prior to the 26.4 patch release. While the specific CWE is not disclosed, the issue fundamentally relates to improper access control mechanisms—likely CWE-269 (Improper Access Control) or CWE-276 (Incorrect Default Permissions)—where Xcode's file access operations fail to properly validate or restrict permissions before granting root-level read access to arbitrary file system locations.
RemediationAI
Upgrade Apple Xcode to version 26.4 or later immediately to remediate this vulnerability. Users can obtain the patched version through the Mac App Store or by downloading directly from Apple's developer portal at https://support.apple.com/en-us/126801. As an interim measure before patching, restrict Xcode's execution environment using macOS security features such as System Integrity Protection (SIP) verification and restrict file system access through sandbox profiles or entitlements where possible. Additionally, audit any applications or build processes that depend on Xcode to ensure they are not running with elevated privileges unnecessarily.
Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range fi
The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid
Git contains a CRLF injection vulnerability (CVE-2025-48384, CVSS 8.0) in its config handling that allows attackers to e
Git is an open-source distributed revision control system. Rated high severity (CVSS 7.5), this vulnerability is remotel
visionmedia send before 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the docu
Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attacke
SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (becau
An issue was discovered in certain Apple products. Rated critical severity (CVSS 9.8), this vulnerability is remotely ex
The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote
Git is an open source, scalable, distributed revision control system. Rated high severity (CVSS 8.8), this vulnerability
Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. Rated high severity (C
Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. Rated high severity (C
Same weakness CWE-269 – Improper Privilege Management
View allSame technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-15167
GHSA-92fw-jwv6-qxx7