Xcode 26.3: Unrestricted File Access Through Elevated Privileges

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Xcode 26.3: Unrestricted File Access Through Elevated Privileges

CVE-2026-28889

Summary

An older version of Xcode has a bug that allows an app to read any file on a Mac with administrator privileges. This issue is fixed in Xcode 26.4. If you're using Xcode 26.3, update to Xcode 26.4 to fix the vulnerability.

Original title

A permissions issue was addressed with additional restrictions. This issue is fixed in Xcode 26.4. An app may be able to read arbitrary files as root.

Original description

A permissions issue was addressed with additional restrictions. This issue is fixed in Xcode 26.4. An app may be able to read arbitrary files as root.

https://support.apple.com/en-us/126801

Published: 25 Mar 2026 · Updated: 25 Mar 2026 · First seen: 25 Mar 2026