Description
CVE-2026-20622 is a privacy issue in the Shortcuts app on macOS related to improper handling of temporary files. According to Apple's advisory, the flaw could allow an app to capture a user's screen. It was reported by Csaba Fitzl (@theevilbit) of Iru.
Impact
Exploitation of this vulnerability could allow a malicious app to capture screen contents without the user's knowledge via a Shortcuts automation. Apple addressed the issue with improved handling of temporary files in macOS Tahoe 26.3.
CVE-2026-28951
Learn about CVE-2026-28951, a critical macOS vulnerability allowing root privilege escalation, and discover other recent security issues affecting Apple devices.
Learn MoreCVE-2024-27883
CVE-2024-27883 is a permissions issue within Apple's PackageKit framework that could allow an application to modify protected parts of the file system.
Learn MoreCVE-2026-20617
CVE-2026-20617 is a critical security vulnerability in macOS that could allow apps to gain root privileges. Learn about its impact and the necessary updates.
Learn More