PT-2026-39787 · Apple · Macos Sequoia+2
Andreas Jaegersberger
+3
·
Published
2026-05-11
·
Updated
2026-05-11
·
CVE-2026-28924
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
macOS Sequoia versions prior to 15.7.7
macOS Sonoma versions prior to 14.8.7
macOS Tahoe versions prior to 26.5
Description
A race condition exists due to improper handling of symbolic links, which are shortcuts that point to another file or directory. This flaw may allow an application to access Contacts without obtaining user consent.
Recommendations
Update macOS Sequoia to version 15.7.7.
Update macOS Sonoma to version 14.8.7.
Update macOS Tahoe to version 26.5.
Fix
Race Condition
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Macos Sequoia
Macos Sonoma
Macos Tahoe