Apple Xcode Sandbox Escape Vulnerability in CoreML IDE

Vulnerability

A vulnerability allowing apps to read and write files outside their designated sandbox has been identified in Apple Xcode. This issue affects users on macOS Sequoia 15.6 and later. The vulnerability arises from inadequate checks in the path handling process, which could potentially allow an app to break out of its sandbox restrictions.

Impact

Exploitation of this vulnerability could lead to unauthorized file access and modification outside of the app's sandbox, potentially compromising user data or system integrity.

Remediation

Users can update to Xcode 26 to address this vulnerability.
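
A check for the remediation above, added here as an example and not taken from Apple or from this advisory: it reports whether each installed Xcode copy is at or above major version 26. It assumes installs are named `/Applications/Xcode*.app` and carry a `Contents/version.plist`, and it judges by major version only, since that is the only fix information the advisory gives.

```shell
#!/bin/sh
# Added example: flag Xcode installs older than the fixed release.
FIXED_MAJOR=26   # "update to Xcode 26" from the Remediation section

# Print the major version found in `xcodebuild -version` style text
# ("Xcode 16.4" on the first line) or in a bare version string ("26.0.1").
# Prints nothing when the first line holds no leading version number.
xcode_major() {
    printf '%s\n' "$1" |
        sed -n '1{s/^Xcode[[:space:]]*//;s/^\([0-9][0-9]*\).*/\1/p;}'
}

# Print "patched", "needs-update" or "unknown" for a version string.
xcode_status() {
    major=$(xcode_major "$1")
    case "$major" in
        ''|*[!0-9]*) echo unknown; return 0 ;;
    esac
    if [ "$major" -ge "$FIXED_MAJOR" ]; then
        echo patched
    else
        echo needs-update
    fi
}

# List every Xcode copy under /Applications with its version and status.
# Side-by-side installs (for example a beta next to the release) are
# checked individually, because updating one leaves the others as they were.
scan_xcode_installs() {
    for app in /Applications/Xcode*.app; do
        plist="$app/Contents/version.plist"
        [ -f "$plist" ] || continue   # no match, or not an Xcode bundle
        ver=$(/usr/libexec/PlistBuddy \
            -c 'Print :CFBundleShortVersionString' "$plist" 2>/dev/null) || ver=""
        printf '%s\t%s\t%s\n' "$app" "${ver:-?}" "$(xcode_status "$ver")"
    done
    return 0
}

scan_xcode_installs
```

The output is one tab-separated line per install, so it can be collected by a device-management script and filtered on `needs-update`.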

Added: Sep 16, 2025, 12:43 AM
Updated: Sep 16, 2025, 12:43 AM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 5.0
exploitability: 3.3
remediation: 7.7
relevance: 0.5
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.