A security vulnerability in macOS has been discovered. It allows malicious actors to escape the App Sandbox protection by manipulating security-scoped bookmarks.
Tracked as CVE-2025-31191, this vulnerability enables a threat actor to delete and replace a keychain entry critical for authenticating file access, effectively breaking one of macOS’s core security boundaries
https://cybersecuritynews.com/macos-san ... erability/