CVE-2026-28821

CVSS v3.1

8.4

High

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions macOS versions prior to Sequoia 15.7.5 macOS versions prior to Sonoma 14.8.5 macOS versions prior to Tahoe 26.4

Description A flaw existed in how the system verified process entitlements, potentially allowing an application to gain higher-level privileges than intended. The issue was resolved by enhancing the validation process for entitlements.

Recommendations Update to macOS Sequoia version 15.7.5 or later. Update to macOS Sonoma version 14.8.5 or later. Update to macOS Tahoe version 26.4 or later.

Fix

Improper Access Control

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284CWE-20

Related Identifiers

CVE-2026-28821

Affected Products

Apple Macos

Macos Sequoia

Macos Sonoma

Macos Tahoe

CVE-2026-28821

Weakness Enumeration

Related Identifiers

Affected Products

References · 7