Root Privilege Escalation Vulnerability in macOS by Apple
CVE-2026-20658

Currently unrated

Key Information:

Vendor: Apple
Status: Mac OS
Vendor: CVE Published:; 11 February 2026

What is CVE-2026-20658?

A significant package validation issue was discovered in macOS, which could allow unauthorized applications to potentially gain root privileges. This security flaw was effectively mitigated by blocking the vulnerable package in the latest update. Users are advised to upgrade to macOS Tahoe 26.3 to ensure their systems are protected against this exploit.

Affected Version(s)

macOS 0 < 26.3

References

https://support.apple.com/en-us/126348

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 11, 2026
Vulnerability Reserved
Nov 11, 2025

CVE-2026-20658 Data

JSON