Race Condition Vulnerability in Apple macOS and iOS Products
CVE-2026-20677

9CRITICAL

Key Information:

Vendor: Apple
Status: Mac OS; Visionos; iOS And iPad OS
Vendor: CVE Published:; 11 February 2026

What is CVE-2026-20677?

A race condition has been identified in Apple products, potentially allowing shortcuts to bypass sandbox restrictions through improper handling of symbolic links. This vulnerability affects multiple versions of macOS and iOS, including macOS Tahoe 26.3, macOS Sonoma 14.8.4, and iOS 18.7.5. It is crucial for users to update their systems to the latest versions to mitigate security risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

iOS and iPadOS < 26.3

iOS and iPadOS < 18.7

macOS < 26.3

References

https://support.apple.com/en-us/126348

https://support.apple.com/en-us/126353

https://support.apple.com/en-us/126350

CVSS V3.1

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Feb 11, 2026
Vulnerability Reserved
Nov 11, 2025

JSON

Apple

What is CVE-2026-20677?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.