{"dataType": "CVE_RECORD", "containers": {"cna": {"metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"cpes": ["cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*"], "vendor": "apple", "product": "ipados", "versions": [{"status": "affected", "version": "0", "lessThan": "18.7.5", "versionType": "custom"}, {"status": "affected", "version": "26.0", "lessThan": "26.3", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*"], "vendor": "apple", "product": "iphone_os", "versions": [{"status": "affected", "version": "0", "lessThan": "18.7.5", "versionType": "custom"}, {"status": "affected", "version": "26.0", "lessThan": "26.3", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*"], "vendor": "apple", "product": "macos", "versions": [{"status": "affected", "version": "0", "lessThan": "14.8.4", "versionType": "custom"}, {"status": "affected", "version": "26.0", "lessThan": "26.3", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*"], "vendor": "apple", "product": "visionos", "versions": [{"status": "affected", "version": "0", "lessThan": "26.3", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://support.apple.com/en-us/126346", "tags": ["release-notes", "vendor-advisory"]}, {"url": "https://support.apple.com/en-us/126347", "tags": ["release-notes", "vendor-advisory"]}, {"url": "https://support.apple.com/en-us/126348", "tags": ["release-notes", "vendor-advisory"]}, {"url": "https://support.apple.com/en-us/126350", "tags": ["release-notes", "vendor-advisory"]}, {"url": "https://support.apple.com/en-us/126353", "tags": ["release-notes", "vendor-advisory"]}], "descriptions": [{"lang": "en", "value": "A race condition was addressed with improved handling of symbolic links. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. A shortcut may be able to bypass sandbox restrictions."}, {"lang": "es", "value": "Se abordó una condición de carrera con una gestión mejorada de los enlaces simbólicos. Este problema se solucionó en macOS Tahoe 26.3, macOS Sonoma 14.8.4, iOS 18.7.5 y iPadOS 18.7.5, visionOS 26.3, iOS 26.3 y iPadOS 26.3. Un atajo podría eludir las restricciones de sandbox."}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-362", "description": "CWE-362"}, {"lang": "en", "cweId": "CWE-367", "description": "CWE-367"}]}], "providerMetadata": {"orgId": "00000000-0000-4000-A000-000000000003", "shortName": "nvd", "dateUpdated": "2026-02-11T23:16:10Z", "x_subShortName": "nvd"}}}, "cveMetadata": {"cveId": "CVE-2026-20677", "state": "PUBLISHED", "dateUpdated": "2026-04-02T19:21:21Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2026-02-11T23:16:10Z", "assignerShortName": "apple"}, "dataVersion": "5.0"}