Home / Vulnerability Intelligence / CVE-2026-28923

CVE-2026-28923 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: May 12, 2026

Apple macOS - Sandbox Escape

Published: May 11, 2026Updated: May 12, 2026

Overview

Apple macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, and macOS Tahoe 26.5 contain a sandbox escape caused by insufficient data redaction in logging, letting malicious apps break out of their sandbox, exploit requires malicious app execution.

Severity & Score

Severity: High

CVSS Score: 8.8

Impact

Malicious apps can escape sandbox restrictions, potentially leading to privilege escalation or unauthorized system access.

Mitigation

Update to macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5 or later.

References

https://support.apple.com/en-us/127115
https://support.apple.com/en-us/127116
https://support.apple.com/en-us/127117

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-28923
Severity: High
CVSS Score: 8.8
Type: broken_access_control
Status: confirmed

CWE

CWE-532

CVSS Metrics

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H