CVE-2026-28930
macOS Tahoe Permissions Issue Exposes User Data
Publication date: 2026-05-11
Last updated on: 2026-05-11
Assigner: Apple Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| apple | macos_tahoe | 26.5 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability involves a permissions issue that could allow an app to access protected user data. Such unauthorized access to protected data can potentially impact compliance with data protection regulations like GDPR and HIPAA, which require strict controls on access to personal and sensitive information.
However, specific details on the impact to compliance with these standards are not provided in the available information.
Can you explain this vulnerability to me?
This vulnerability is a permissions issue in macOS Tahoe that was addressed by adding additional restrictions. It could allow an application to access protected user data without proper authorization.
How can this vulnerability impact me? :
If exploited, this vulnerability could allow an app to access your protected user data, potentially leading to unauthorized disclosure of personal or sensitive information.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability is fixed in macOS Tahoe 26.5. To mitigate this issue, you should update your system to macOS Tahoe 26.5 or later.