We are seeing a similar issue. Our use case is automating a build server for CI/CD. This has worked for all versions prior to Sequoia but now fails with a network error. The process has two LaunchAgents configured for the user account of the build node. Each night one agent runs to reboot the machine and it is set to auto-login. On restart and login, the second LaunchAgent runs another script to restart the build service. This is a shell script that then runs a packer (Hashicorp) setup. The packer process also uses a plugin to run tart (wrapper around Apple hypervisor). What we see is the agent script runs correctly and call packer. Packer successfully starts the tart instance locally on the node and this comes up. Access is available from the user session to ping and ssh to node. However the launchd agent gets the network access error. We never see a user popup for the on-login launchd script even though the binary is authorised in Security Settings, Privacy. So binary has been authorised in user context for network access packer binary called during live session works and will successfully connect to local services packer binary called in launchd session during login is blocked from access and no user prompt is seen, but "no route to host" errors seen when it attempts to access local services. Suggests a bug in logic in handling authorised network access.