Lucene search
K

32953 matches found

Positive Technologies
Positive Technologies
added 2 days ago5 views

PT-2026-53720

Name of the Vulnerable Software and Affected Versions Safari versions prior to 26.5.2 iOS versions prior to 26.5.2 iPadOS versions prior to 26.5.2 macOS Tahoe versions prior to 26.5.2 Description Improved input validation was implemented to address a flaw where a malicious website could process...

7.1CVSS6.1AI score0.00314EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2 days ago10 views

PT-2026-53725

Name of the Vulnerable Software and Affected Versions Safari versions prior to 26.5.2 iOS versions prior to 26.5.2 iPadOS versions prior to 26.5.2 macOS Tahoe versions prior to 26.5.2 Description A use-after-free issue exists due to improper memory management. This occurs when a program continues...

6.5CVSS5.7AI score0.0024EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2 days ago7 views

PT-2026-53707

Name of the Vulnerable Software and Affected Versions Safari versions prior to 26.5.2 iOS versions prior to 26.5.2 iPadOS versions prior to 26.5.2 macOS Tahoe versions prior to 26.5.2 Description A memory corruption issue exists within WebKit. Processing maliciously crafted web content can lead t...

6.1AI score0.00164EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-53718

Name of the Vulnerable Software and Affected Versions iOS versions prior to 26.5.2 iPadOS versions prior to 26.5.2 macOS Tahoe versions prior to 26.5.2 Description A kernel issue exists where an application may be able to leak sensitive kernel state. The problem is related to insufficient input...

5.5CVSS6AI score0.00193EPSS
Exploits0References6
Apple
Apple
added 2 days ago7 views

About the security content of macOS Tahoe 26.5.2

About the security content of macOS Tahoe 26.5.2 This update delivers security fixes that were first made available in the macOS Tahoe 26.6 beta. This document describes the security content of macOS Tahoe 26.5.2. About Apple security updates For our customers' protection, Apple doesn't disclose,...

9.1CVSS5.8AI score0.0036EPSS
Exploits2References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2 days ago4 views

macOS 26.x < 26.5.2 Multiple Vulnerabilities (127595)

The remote host is running a version of macOS / Mac OS X that is 26.x prior to 26.5.2. It is, therefore, affected by multiple vulnerabilities: - A use-after-free issue was addressed with improved memory management. CVE-2026-28979, CVE-2026-39868, CVE-2026-39872, CVE-2026-43663, CVE-2026-43676,...

9.1CVSS6.1AI score0.0036EPSS
Exploits2References38
CVE
CVE
added 2026/06/23 11:54 p.m.16 views

CVE-2026-7574

Anthropic Claude Desktop Cowork VM images (v1.1348.0–v1.2278.0) do not validate the contents of rootfs.img at time-of-use; only file presence and a version marker are checked. A local, unprivileged macOS user can modify the VM root filesystem image and have it trusted on subsequent Cowork VM boot...

8.7CVSS6.5AI score0.00103EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/23 7:53 p.m.7 views

EUVD-2026-38604

Module: plugins/modules/keyringinfo.py CVSS 3.1: 5.5 MEDIUM — AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Issue: The module retrieves a passphrase from the OS native keyring GNOME Keyring, macOS Keychain, Windows Credential Manager and places it directly into result"passphrase" with no output suppression...

5.5CVSS6.1AI score0.00128EPSS
Exploits0References2
NVD
NVD
added 2026/06/23 6:18 p.m.7 views

CVE-2026-49401

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.14, Deno's permission system enforces filesystem and execution restrictions by comparing the requested path against the path supplied to --deny-read, --deny-write, --deny-run, or --deny-ffi. On macOS, that comparison was done...

8.4CVSS0.00144EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/23 5:22 p.m.33 views

CVE-2026-49401 Deno Permission Bypass via Unicode Normalization Mismatch on macOS (APFS)

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.14, Deno's permission system enforces filesystem and execution restrictions by comparing the requested path against the path supplied to --deny-read, --deny-write, --deny-run, or --deny-ffi. On macOS, that comparison was done...

7.3CVSS0.00144EPSS
Exploits1References1
CVE
CVE
added 2026/06/23 12:13 p.m.15 views

CVE-2026-56315

CVE-2026-56315 affects the Python tool picklescan until version 1.0.4, which fails to block imports from at least seven standard library modules (e.g., uuid, _osx_support, _aix_support, _pyrepl.pager, imaplib). This allows adversaries to craft pickle files that import these unblocked modules to t...

9.8CVSS6.7AI score0.00757EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.9 views

PT-2026-51611

Name of the Vulnerable Software and Affected Versions Anthropic Claude Desktop Cowork VM versions 1.1348.0 through 1.2278.0 Description The Cowork VM image handling process validates only the presence of the file and a version marker string before booting rootfs.img, failing to verify the integri...

8.7CVSS6.4AI score0.00103EPSS
Exploits1References8
OSV
OSV
added 2026/06/22 10:38 p.m.7 views

MAL-2026-6274 Malicious code in web3-token-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c826bf782895b60580b94e3a28a2c4562d3742420ce81e9895ad8568da57890 The package advertises itself as a Web3 fee utility but its main export is a dropper. index.js line 140 base64-decodes a platform-specific command...

5.8AI score
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in WebKit2GTK

“Clear History and Website Data” did not successfully clear the browsing history. The issue was resolved through improved data deletion mechanisms. This issue has been fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3, and iPadOS 14.3, as we...

3.3CVSS6.4AI score0.0036EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in WebKit2GTK

The issue was resolved by improving access restrictions to the file system. This issue is fixed in Safari 18.3, iOS 18.3, iPadOS 18.3, macOS Sequoia 15.3, and visionOS 2.3. A maliciously crafted webpage may be able to obtain user fingerprints...

6.5CVSS6.9AI score0.00798EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in WebKit2GTK

A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in macOS Ventura 13, iOS 16.1, iPadOS 16, and Safari 16.1. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8CVSS8.1AI score0.00775EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.11 views

Astra Linux – Vulnerability in WebKit2GTK

This issue was addressed through improved state management. This issue is fixed in Safari 18.3, iOS 18.3, iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, and watchOS 11.3. Processing maliciously crafted web content may lead to an unexpected process crash...

6.5CVSS7.3AI score0.00949EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in WebKit2GTK

An information disclosure issue was resolved by removing the vulnerable code. This issue has been fixed in macOS Monterey 12.5. A website may be able to track the websites a user visited in Safari’s private browsing mode...

5.3CVSS6.9AI score0.00418EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in WebKit2GTK

A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in macOS Monterey 12.3, iOS 15.4, iPadOS 15.4, tvOS 15.4, and Safari 15.4. Processing maliciously crafted web content may lead to arbitrary code...

8.8CVSS7.9AI score0.01023EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox

A use-after-free crash could occur on macOS if a Firefox update was applied to a heavily utilized system. This could lead to a exploitable crash. This vulnerability affects Firefox versions earlier than 122...

6.5CVSS6.8AI score0.00419EPSS
Exploits0References1
Rows per page
Query Builder