Skip to main content

Apple EUVDEUVD-2026-15111

| CVE-2026-28838 MEDIUM
Improper Access Control (CWE-284)
2026-03-25 apple GHSA-7j45-7q44-56w8
5.3
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.3 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

4
Patch available
Apr 16, 2026 - 05:29 EUVD
15.7.5,26.4,14.8.5
EUVD ID Assigned
Mar 25, 2026 - 01:00 euvd
EUVD-2026-15111
Analysis Generated
Mar 25, 2026 - 01:00 vuln.today
CVE Published
Mar 25, 2026 - 00:32 nvd
MEDIUM 5.3

DescriptionCVE.org

A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to break out of its sandbox.

AnalysisAI

A sandbox escape vulnerability in macOS allows malicious applications to break out of their sandbox restrictions through a permissions issue. This affects macOS Sequoia (versions prior to 15.7.5), macOS Sonoma (versions prior to 14.8.5), and macOS Tahoe (versions prior to 26.4). An attacker who distributes a malicious app could potentially gain unauthorized access to system resources and user data that should be protected by the sandbox security boundary.

Technical ContextAI

The vulnerability exists in the macOS application sandbox mechanism, which is a core security boundary that isolates applications from the broader system and from one another. The issue is classified as a permissions enforcement failure rather than a code execution vulnerability itself. Apple's response involved implementing additional sandbox restrictions, indicating that the existing permission validation logic was insufficient to prevent unauthorized capability escalation. The affected CPE range (cpe:2.3:a:apple:macos:*:*:*:*:*:*:*:*) encompasses all macOS variants, though specific versions have been patched. This falls under authorization and access control weaknesses, representing a failure in the enforcement of sandbox isolation policies across multiple macOS releases.

RemediationAI

Immediately update to the patched versions: macOS Sequoia 15.7.5 or later, macOS Sonoma 14.8.5 or later, or macOS Tahoe 26.4 or later. Updates are available through System Settings > General > Software Update. For enterprise environments, deploy these updates through Mobile Device Management (MDM) systems or Mac updates via your standard patch management process. Until patching is completed, restrict installation of applications from untrusted sources and disable installation of apps from sources other than the App Store where possible, as the App Store applies additional security review. Users should also review installed applications and remove any that are not from trusted publishers.

Share

EUVD-2026-15111 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy