Medium severity4.0NVD Advisory· Published Mar 25, 2026· Updated May 11, 2026

CVE-2026-28826

Description

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. A malicious app may be able to break out of its sandbox.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A logic issue in macOS allows a malicious app to break out of its sandbox; Apple addressed it in macOS Sequoia 15.7.5, Sonoma 14.8.5, and Tahoe 26.4.

CVE-2026-28826 is a logic issue in macOS that could allow a malicious application to escape its sandbox restrictions. The flaw stems from inadequate restrictions in the operating system's sandbox enforcement, enabling an app to bypass intended containment.

Exploitation requires a malicious app to be installed on the system. No special privileges are needed beyond the ability to run code; the app can then leverage the logic flaw to break out of its sandbox. The attack surface is local, as the app must be executed on the target macOS device.

A successful sandbox escape could allow the malicious app to access system resources, user data, or other applications' data that are normally protected by the sandbox. This could lead to unauthorized data access or further compromise of the system.

Apple has addressed this issue in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, and macOS Tahoe 26.4 [1][2][3]. Users are advised to update to these versions to mitigate the risk.

References

AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Apple Inc./macOS2 versions
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*range: >=26.0,<26.4
- (no CPE)range: 0
Apple Inc./macOS Tahoellm-create
Range: <26.4
Apple Inc./macOS Sequoiallm-fuzzy
Range: <15.7.5
Apple Inc./macOS Sonomallm-fuzzy
Range: <14.8.5

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.apple.com/en-us/126794nvdRelease NotesVendor Advisory
support.apple.com/en-us/126795nvd
support.apple.com/en-us/126796nvd

News mentions

Apple Patches Dozens of Vulnerabilities in macOS, iOS
SecurityWeek · May 12, 2026
Apple Patches Everything, (Mon, May 11th)
SANS Internet Storm Center · May 11, 2026

cvss	0.260
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000