CVE-2026-28923
Received Received - Intake
Logging Issue in macOS Leads to Sandbox Escape

Publication date: 2026-05-11

Last updated on: 2026-05-11

Assigner: Apple Inc.

Description
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A malicious app may be able to break out of its sandbox.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-11
Last Modified
2026-05-11
Generated
2026-06-21
AI Q&A
2026-05-12
EPSS Evaluated
2026-06-20
NVD
CVE-2026-28923
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
apple macos_sequoia 15.7.7
apple macos_sonoma 14.8.7
apple macos_tahoe 26.5
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The vulnerability involves a logging issue that was addressed with improved data redaction, which suggests that sensitive information could have been exposed in logs.

Since improper data redaction in logs can lead to unauthorized access to sensitive data, this could potentially impact compliance with data protection regulations such as GDPR and HIPAA, which require protection of personal and health information.

However, the provided information does not explicitly state the direct impact on compliance with these standards.

Executive Summary

This vulnerability involves a logging issue in certain versions of macOS where data redaction was insufficient. Because of this, a malicious application may be able to break out of its sandbox, potentially gaining unauthorized access beyond its intended restrictions.

Impact Analysis

If exploited, this vulnerability could allow a malicious app to escape its sandbox environment, which is designed to isolate apps and limit their access to system resources and user data. This could lead to unauthorized access to sensitive information or system functions.

Mitigation Strategies

To mitigate this vulnerability, update your macOS system to one of the fixed versions: macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, or macOS Tahoe 26.5.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-28923. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart