diff --git a/CHANGELOG.md b/CHANGELOG.md
index 99d220a80..e09aaedb9 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -11,6 +11,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 ### Added
 
 - Nix store access to the default sandbox
+- Mac OS's Library/Java/JavaVirtualMachines paths to the dependency parsing sandbox
 
 ### Fixed
 
diff --git a/cli/src/commands/parse.rs b/cli/src/commands/parse.rs
index aa2fc8619..c12d647be 100644
--- a/cli/src/commands/parse.rs
+++ b/cli/src/commands/parse.rs
@@ -473,6 +473,14 @@ fn depfile_parsing_sandbox(canonical_manifest_path: &Path) -> Result<Birdcage> {
         &mut birdcage,
         Exception::ExecuteAndRead("/etc/alternatives".into()),
     )?;
+    permissions::add_exception(
+        &mut birdcage,
+        Exception::ExecuteAndRead("/Library/Java/JavaVirtualMachines".into()),
+    )?;
+    permissions::add_exception(
+        &mut birdcage,
+        Exception::ExecuteAndRead(home.join("Library/Java/JavaVirtualMachines")),
+    )?;
     permissions::add_exception(&mut birdcage, Exception::ExecuteAndRead("/etc/maven".into()))?;
     for jdk_path in jdk_paths()? {
         permissions::add_exception(&mut birdcage, Exception::Read(jdk_path))?;