Description A logic issue was addressed with improved checks. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, watchOS 26.3. An app may be able to break out of its sandbox.
CVSS vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Exploitability: 2.0 | Impact: 6.0 Attack Vector: Local
Complexity: Low
Privileges: Low
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High
Affected Packages7 packages Show 2 more packages
🔴 Vulnerability Details2 GHSA GHSA-2jp6-x3f3-3m72: A logic issue was addressed with improved checks ↗ 2026-02-12 ▶ CVEList CVE-2026-20667: A logic issue was addressed with improved checks ↗ 2026-02-11 ▶
📋 Vendor Advisories5 Apple CVE-2026-20667: macOS Sonoma 14.8.4 ↗ 2026-02-11 ▶ Apple CVE-2026-20667: macOS Tahoe 26.3 ↗ 2026-02-11 ▶ Apple CVE-2026-20667: macOS Sequoia 15.7.4 ↗ 2026-02-11 ▶ Apple CVE-2026-20667: iOS 26.3 and iPadOS 26.3 ↗ 2026-02-11 ▶ Apple CVE-2026-20667: watchOS 26.3 ↗ 2026-02-11 ▶
🕵️ Threat Intelligence1 Wiz CVE-2026-20667 Impact, Exploitability, and Mitigation Steps | Wiz ↗ ▶