CVE-2026-28889

Description

A permissions issue was addressed with additional restrictions. This issue is fixed in Xcode 26.4. An app may be able to read arbitrary files as root.

CVSS breakdown

Affected products

• Apple / Xcode0 – 26.4

References

• VENDOR_ADVISORYhttps://support.apple.com/en-us/126801