Skip to content
operating-system

CVE-2026-20617

Description

CVE-2026-20617 is a race condition within the CoreServices component of macOS. According to Apple's advisory, the flaw could allow an app to gain root privileges. This was a jointly-credited discovery: Golden Helm Securities, Gergely Kalman (@gergely_kalman), and Csaba Fitzl (@theevilbit) of Iru.

Impact

Exploitation of this vulnerability could allow a local app to escalate to root privileges by winning a race condition in CoreServices. Apple addressed the issue with improved state handling in macOS Tahoe 26.3.

Stay up to date

Iru's bi-weekly collection of articles, videos, and research to keep IT & Security teams ahead of the curve.