CVE-2026-28972

CVE-2026-28972 describes an out-of-bounds write vulnerability that could cause an app to terminate unexpectedly or write kernel memory. Apple specifies fixes via input validation improvements and lists affected platforms: iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7....

CVE-2026-28990

CVE-2026-28990 involves a memory handling flaw that may allow memory corruption when processing a specially crafted image. Apple lists this as fixed in multiple devices: iOS 26.5 and iPadOS 26.5; macOS Sequoia 15.7.7, Sonoma 14.8.7, Tahoe 26.5; tvOS 26.5; visionOS 26.5; and watchOS 26.5. The entr...

CVE-2026-28953

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2026-28962

This issue was addressed with improved access restrictions. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. Processing maliciously crafted web content may disclose sensitive user information...

CVE-2026-28974

This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to cause a denial-of-service...

CVE-2026-28923

A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A malicious app may be able to break out of its sandbox...

CVE-2026-28923

CVE-2026-28923 affects macOS components across Sequoia 15.7.7, Sonoma 14.8.7, and Tahoe 26.5. The issue is described as a logging problem where data was not properly redacted, with the underlying risk that a malicious app could break out of its sandbox. Apple’s security updates for these macOS ve...

CVE-2026-28954

A file quarantine bypass was addressed with additional checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A maliciously crafted disk image may bypass Gatekeeper checks...

CVE-2026-28903

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2026-28903

CVE-2026-28903 is an Apple memory-management issue affecting web content processing that can crash the process. Connected sources describe multiple products affected (macOS Tahoe and other macOS variants; iOS/iPadOS; tvOS; visionOS; watchOS) with the root cause being improved memory handling to a...

CVE-2026-28846

CVE-2026-28846 is a buffer overflow vulnerability addressed by Apple via bounds checking improvements. The NVD entry states the issue affects multiple Apple operating systems and is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS T...

CVE-2026-28942

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected Safari crash...

CVE-2026-28942

CVE-2026-28942 describes a use-after-free in processing malicious web content that can cause Safari to crash. Affected products are Apple platforms with fixed versions listed as iOS 26.5, iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, and watchOS 26.5. The underlying issue is a memory-m...

CVE-2026-28902

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2026-28847

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2026-28922

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to access private information...

CVE-2026-28963

CVE-2026-28963 affects iOS and iPadOS; a privacy issue was addressed by removing the vulnerable code and is fixed in iOS 26.5 and iPadOS 26.5 . An attacker with physical access could potentially use Visual Intelligence during iPhone Mirroring to access sensitive user data. The provided documents ...

CVE-2026-28963

A privacy issue was addressed by removing the vulnerable code. This issue is fixed in iOS 26.5 and iPadOS 26.5. An attacker with physical access may be able to use Visual Intelligence to access sensitive user data during iPhone Mirroring...

CVE-2026-28963

A privacy issue was addressed by removing the vulnerable code. This issue is fixed in iOS 26.5 and iPadOS 26.5. An attacker with physical access may be able to use Visual Intelligence to access sensitive user data during iPhone Mirroring...

CVE-2026-39870

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. Processing a maliciously crafted image may corrupt process memory...