CVE-2026-28889

Summary

A permissions issue was addressed with additional restrictions. This issue is fixed in Xcode 26.4. An app may be able to read arbitrary files as root.

Affected Software

VendorProductVersion RangeStatus
AppleXcode0 < 26.4affected

Weaknesses

  • An app may be able to read arbitrary files as root

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References