What is CVE-2022-26755?

CVE-2022-26755 is a vulnerability in Apple Macos. Published 2022-05-26.

Is CVE-2022-26755 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Apple Macos

CVE-2022-26755

This issue was addressed with improved environment sanitization. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to break out of its sandbox.

EPSS: 0.003 (52.0th percentile) — read the EPSS interpretation.

Affected products

Apple Macos — versions unspecified
Apple Security Update - Catalina — versions unspecified

Public proof-of-concept exploits

0x3c3e/pocs

References

support.apple.com/en-us/HT213255 (x_refsource_MISC)
support.apple.com/en-us/HT213256 (x_refsource_MISC)
support.apple.com/en-us/HT213257 (x_refsource_MISC)

Frequently asked questions

What is CVE-2022-26755?: CVE-2022-26755 is a vulnerability in Apple Macos. Published 2022-05-26.
Is CVE-2022-26755 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.