Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
5DescriptionCVE.org
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.5. An app may be able to access protected user data.
AnalysisAI
Insufficient permission enforcement in macOS Tahoe prior to 26.5 allows applications to bypass access controls and read protected user data without proper authorization. Apple addressed the vulnerability through hardened permission checks in version 26.5. EPSS probability indicates minimal observed exploitation activity (0.01%, 3rd percentile), and no public exploit code or CISA KEV listing exists at time of analysis, suggesting exploitation requires application-specific development effort rather than readily available tooling.
Technical ContextAI
This vulnerability stems from inadequate permission enforcement (CWE-284: Improper Access Control) in macOS Tahoe's application sandbox or entitlement framework. The macOS permission model relies on TCC (Transparency, Consent, and Control) to mediate application access to protected resources like contacts, photos, location data, and files. When permission validation logic contains flaws, malicious or compromised applications can bypass these controls and access user data without explicit user consent or proper entitlements. The CPE identifier (cpe:2.3:a:apple:macos) confirms this affects the macOS operating system platform itself rather than a third-party application, indicating a core OS security mechanism failure that could be exploited by any installed application.
RemediationAI
Apply macOS Tahoe 26.5 released by Apple, which implements additional permission validation restrictions to prevent unauthorized data access. Download the update through System Settings > General > Software Update or via Apple's support portal at https://support.apple.com/en-us/127115. For environments unable to patch immediately, implement temporary compensating controls: restrict installation of new applications through Gatekeeper policies requiring notarized software only, audit existing application entitlements using 'codesign -d --entitlements' to identify apps with broad data access permissions, and deploy MDM policies limiting TCC database modifications. Note these workarounds only reduce attack surface and cannot fully prevent exploitation by already-installed malicious applications. Full remediation requires OS upgrade to 26.5.
Same weakness CWE-284 – Improper Access Control
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-29247
GHSA-7gpw-768q-4j6r