CVE-2026-28950

CVE-2026-28950 describes a logging issue in Apple’s Notification Services where copies of notifications marked for deletion could be retained in the device’s storage. The vulnerability is addressed by patches in iOS 18.7.8 and iPadOS 18.7.8, and iOS 26.4.2 and iPadOS 26.4.2. Affected products inc...

CVE-2026-28856

The issue was addressed with improved authentication. This issue is fixed in iOS 26.4 and iPadOS 26.4, visionOS 26.4, watchOS 26.4. An attacker with physical access to a locked device may be able to view sensitive user information...

CVE-2026-28824

CVE-2026-28824 is an Apple macOS vulnerability described as an authorization issue addressed by improved state management. The CVE affects macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, and macOS Tahoe 26.4, with the impact that an app may be able to access sensitive user data. The primary technical ...

Apple Security Update: iOS 18.7.6

Apple recommends to install security update iOS 18.7.6 on devices iPhone XS, iPhone XS Max, iPhone XR...

CVE-2026-20674

A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 26.3 and iPadOS 26.3. An attacker with physical access to a locked device may be able to view sensitive user information...

PT-2026-7802

Name of the Vulnerable Software and Affected Versions macOS versions prior to Tahoe 26.3 macOS versions prior to Sonoma 14.8.4 macOS versions prior to Sequoia 15.7.4 iOS versions prior to 18.7.5 iPadOS versions prior to 18.7.5 iOS versions prior to 26.3 iPadOS versions prior to 26.3 Description A...

Stable Channel Update for ChromeOS / ChromeOS Flex

The ChromeOS Stable channel is being updated to OS version 16503.60.0 Browser version 144.0.7559.108 for most ChromeOS devices. If you find new issues, please let us know one of the following ways: 1. File a bug 2. Visit our ChromeOS communities 1. General: Chromebook Help Community 2. Beta...

Apple Security Update: iOS 26.2.1 and iPadOS 26.2.1

Apple recommends to install security update iOS 26.2.1 and iPadOS 26.2.1 on devices iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later...

CVE-2025-24090

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.3 and iPadOS 18.3. An app may be able to enumerate a user's installed apps...

CVE-2025-43533

Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in watchOS 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, tvOS 26.2. A malicious HID device may cause an unexpected process crash...

CVE-2025-43350

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.1 and iPadOS 26.1. An attacker may be able to view restricted content from the lock screen...

PT-2025-44850

Name of the Vulnerable Software and Affected Versions macOS versions prior to 15.7.2 Description A permissions issue existed due to insufficient sandbox restrictions, potentially allowing an application to access sensitive user data. Recommendations Update to macOS version 15.7.2 to address the...

CVE-2025-30468

This issue was addressed through improved state management. This issue is fixed in iOS 26 and iPadOS 26. Private Browsing tabs may be accessed without authentication...

CVE-2025-43212

CVE-2025-43212 relates to WebKit/WebKitGTK: processing maliciously crafted web content may cause an unexpected Safari crash. Connected docs confirm it as one of several WebKitGTK issues addressed in security updates and linked to memory handling improvements. Apple’s advisory for Safari 18.6 note...

CVE-2021-30998

A S/MIME issue existed in the handling of encrypted email. This issue was addressed with improved selection of the encryption certificate. This issue is fixed in iOS 15.2 and iPadOS 15.2. A sender's email address may be leaked when sending an S/MIME encrypted email using a certificate with more...

CVE-2021-30915

A logic issue was addressed with improved state management. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A person with physical access to an iOS device may be able to determine...

CVE-2025-31204

The CVE-2025-31204 issue affects WebKitGTK/WebKit components as applied in affected platforms, where processing maliciously crafted web content may lead to memory corruption. The available connected documents indicate the root cause is memory handling deficiencies, with the vulnerability fixed by...

CVE-2025-30427

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, visionOS 2.4, watchOS 11.4. Processing maliciously crafted web content may lead to an unexpected Safari crash...

CVE-2025-24141

An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.3 and iPadOS 18.3. An attacker with physical access to an unlocked device may be able to access Photos while the app is locked...

CVE-2024-49882

In the Linux kernel, the following vulnerability has been resolved: ext4: fix double brelse the buffer of the extents path In ext4exttrytomergeup, set path1.pbh to NULL after it has been released, otherwise it may be released twice. An example of what triggers this is as follows: split2 map split...