CVE-2026-28930: An app may be able to access protected user data in Apple macOS
CVE-2026-28930 is a permissions vulnerability in Apple macOS that could allow an app to access protected user data. The issue was addressed by adding additional restrictions and is fixed in macOS Tahoe 26. 5. There is no CVSS score available, and no known exploits in the wild have been reported. Patch status is not explicitly confirmed in the provided data, so users should verify with Apple's official advisory for remediation details.
AI Analysis
Technical Summary
This vulnerability involves a permissions issue in Apple macOS that may permit an application to access protected user data improperly. Apple has addressed this by implementing additional restrictions in macOS Tahoe 26.5. The vulnerability was publicly disclosed in May 2026, but no CVSS score or detailed technical exploitation information is available. No known exploits have been reported in the wild at this time.
Potential Impact
An application could potentially bypass permissions controls to access protected user data on affected macOS versions prior to the fix in macOS Tahoe 26.5. This could lead to unauthorized data exposure. No evidence of active exploitation has been reported.
Mitigation Recommendations
A fix is available in macOS Tahoe 26.5. Users and administrators should update to this version to remediate the vulnerability. Since the vendor advisory content is not provided, confirm patch availability and installation instructions from Apple's official security updates.
CVE-2026-28930: An app may be able to access protected user data in Apple macOS
Description
CVE-2026-28930 is a permissions vulnerability in Apple macOS that could allow an app to access protected user data. The issue was addressed by adding additional restrictions and is fixed in macOS Tahoe 26. 5. There is no CVSS score available, and no known exploits in the wild have been reported. Patch status is not explicitly confirmed in the provided data, so users should verify with Apple's official advisory for remediation details.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability involves a permissions issue in Apple macOS that may permit an application to access protected user data improperly. Apple has addressed this by implementing additional restrictions in macOS Tahoe 26.5. The vulnerability was publicly disclosed in May 2026, but no CVSS score or detailed technical exploitation information is available. No known exploits have been reported in the wild at this time.
Potential Impact
An application could potentially bypass permissions controls to access protected user data on affected macOS versions prior to the fix in macOS Tahoe 26.5. This could lead to unauthorized data exposure. No evidence of active exploitation has been reported.
Mitigation Recommendations
A fix is available in macOS Tahoe 26.5. Users and administrators should update to this version to remediate the vulnerability. Since the vendor advisory content is not provided, confirm patch availability and installation instructions from Apple's official security updates.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- apple
- Date Reserved
- 2026-03-03T16:36:03.987Z
- Cvss Version
- null
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a028755cbff5d86108b5931
Added to database: 5/12/2026, 1:50:13 AM
Last enriched: 5/12/2026, 1:59:38 AM
Last updated: 5/12/2026, 3:50:29 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.