macOS: App may access user-sensitive data through symlinks

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

macOS: App may access user-sensitive data through symlinks

CVE-2026-20633

Summary

The macOS operating system had a weakness that could be exploited by malicious apps to access sensitive user data. This has been fixed in recent updates, so make sure your system is up to date. If you haven't updated yet, do so as soon as possible.

Original title

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access user-sensitive data.

Original description

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access user-sensitive data.

https://support.apple.com/en-us/126794
https://support.apple.com/en-us/126795
https://support.apple.com/en-us/126796

Published: 25 Mar 2026 · Updated: 25 Mar 2026 · First seen: 25 Mar 2026