Skip to main content

macOS Tahoe CVE-2026-43652

| EUVDEUVD-2026-29298 HIGH
Improper Access Control (CWE-284)
2026-05-11 apple GHSA-x88f-jpfv-xprq
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

5
Analysis Generated
May 13, 2026 - 15:53 vuln.today
CVSS changed
May 13, 2026 - 15:52 NVD
7.5 (None) 7.5 (HIGH)
Patch available
May 11, 2026 - 22:18 EUVD
CVE Published
May 11, 2026 - 20:08 nvd
UNKNOWN (no severity yet)
CVE Published
May 11, 2026 - 20:08 nvd
HIGH 7.5

DescriptionCVE.org

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.5. An app may be able to access protected user data.

AnalysisAI

macOS Tahoe allows applications to access protected user data due to insufficient permission enforcement on system APIs. The vulnerability affects all macOS versions prior to 26.5 and is tagged as an authentication bypass, indicating apps can circumvent permission prompts or system restrictions to read sensitive data without user consent. While not yet actively exploited (EPSS 0.01%, no CISA KEV listing), the CVSS vector (AV:N/AC:L/PR:N/UI:N) appears inconsistent with the local application context described, suggesting potential network-accessible component or misclassified attack vector requiring vendor clarification.

Technical ContextAI

This is a permissions enforcement vulnerability (CWE-284: Improper Access Control) in macOS Tahoe's application sandboxing and permission framework. According to CPE data, the vulnerability exists in macOS versions below 26.5. The issue stems from insufficient validation when applications request access to protected user data stores such as contacts, photos, health data, or file system locations governed by Transparency, Consent, and Control (TCC) mechanisms. The authentication bypass tag suggests applications can exploit this flaw to read protected resources without proper TCC authorization checks, potentially bypassing both user consent dialogs and system-level restrictions that isolate sensitive data from untrusted processes.

RemediationAI

Update to macOS Tahoe 26.5 or later, which Apple confirms addresses the permissions issue with additional restrictions per their security advisory at https://support.apple.com/en-us/127115. Organizations should prioritize deployment to systems running sensitive applications or storing protected user data. Until patching is complete, implement compensating controls: restrict installation of third-party applications through MDM policies allowing only signed apps from identified developers, enable Gatekeeper with strictest settings, audit existing installed applications for unexpected permission grants via System Settings > Privacy & Security, and monitor TCC database logs for anomalous permission usage patterns. Note that restricting app installation may impact user productivity and require exception processes for legitimate business applications.

Share

CVE-2026-43652 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy