Lucene search
K

1270 matches found

Cvelist
Cvelist
added 2026/05/11 8:8 p.m.30 views

CVE-2026-28987

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to leak sensitive kernel state...

0.0044EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/05/11 8:8 p.m.9 views

CVE-2026-28987

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to leak sensitive kernel state...

5.8AI score0.0044EPSS
Exploits0References7
CVE
CVE
added 2026/05/11 8:8 p.m.18 views

CVE-2026-28987

The CVE-2026-28987 describes a logging issue that could cause leakage of sensitive kernel state due to insufficient data redaction. Apple fixed this by improving data redaction in the kernel logging path. Affected updates include iOS 18.7.9 / iPadOS 18.7.9, iOS 26.5 / iPadOS 26.5, macOS Sequoia 1...

7.5CVSS5.8AI score0.0044EPSS
Exploits0References7Affected Software5
Vulnrichment
Vulnrichment
added 2026/05/11 8:7 p.m.8 views

CVE-2026-28923

A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A malicious app may be able to break out of its sandbox...

5.8AI score0.00154EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/11 8:7 p.m.31 views

CVE-2026-28923

A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A malicious app may be able to break out of its sandbox...

0.00154EPSS
Exploits0References3
CVE
CVE
added 2026/05/11 8:7 p.m.28 views

CVE-2026-28923

CVE-2026-28923 affects macOS components across Sequoia 15.7.7, Sonoma 14.8.7, and Tahoe 26.5. The issue is described as a logging problem where data was not properly redacted, with the underlying risk that a malicious app could break out of its sandbox. Apple’s security updates for these macOS ve...

8.8CVSS5.8AI score0.00154EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/11 8:7 p.m.11 views

CVE-2026-28943

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to determine kernel memory layout...

5.8AI score0.0044EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/05/11 8:7 p.m.37 views

CVE-2026-28943

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to determine kernel memory layout...

0.0044EPSS
Exploits0References7
CVE
CVE
added 2026/05/11 8:7 p.m.19 views

CVE-2026-28943

CVE-2026-28943 is a logging/data redaction issue tied to kernel memory layout disclosure. Connected sources confirm the vulnerability is present in macOS family components (notably IOHIDFamily) and related OS lineages, with the root cause described as a logging issue leaking kernel memory layout ...

7.5CVSS5.8AI score0.0044EPSS
Exploits0References7Affected Software5
Cvelist
Cvelist
added 2026/05/11 5:24 p.m.47 views

CVE-2026-43895 jq: Embedded NUL in jq import paths causes local redaction-policy bypass and preserves sensitive fields in published artifacts

jq is a command-line JSON processor. In 1.8.1 and earlier, jq accepts embedded NUL bytes in import paths at the jq-language level, but later resolves those paths through C string operations during module and data-file lookup. This creates a mismatch between the logical import string that policy o...

4.4CVSS0.00157EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/05/11 5:24 p.m.7 views

CVE-2026-43895 jq: Embedded NUL in jq import paths causes local redaction-policy bypass and preserves sensitive fields in published artifacts

jq is a command-line JSON processor. In 1.8.1 and earlier, jq accepts embedded NUL bytes in import paths at the jq-language level, but later resolves those paths through C string operations during module and data-file lookup. This creates a mismatch between the logical import string that policy o...

4.4CVSS5.9AI score0.00157EPSS
Exploits1References1
CVE
CVE
added 2026/05/11 5:24 p.m.25 views

CVE-2026-43895

jq versions 1.8.1 and earlier are affected: embedded NUL bytes in import paths at the jq-language level can be resolved differently during module/data-file lookup, creating a mismatch between the logical import string and the on-disk path opened. This mismatch can enable a local redaction-policy ...

4.4CVSS5.9AI score0.00157EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.11 views

PT-2026-39786

A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A malicious app may be able to break out of its sandbox...

5.8AI score0.00154EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.9 views

PT-2026-39823

Name of the Vulnerable Software and Affected Versions iOS versions prior to 18.7.9 iOS versions prior to 26.5 iPadOS versions prior to 18.7.9 iPadOS versions prior to 26.5 macOS Sequoia versions prior to 15.7.7 macOS Sonoma versions prior to 14.8.7 macOS Tahoe versions prior to 26.5 tvOS versions...

7.5CVSS5.8AI score0.0044EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.10 views

PT-2026-39795

Name of the Vulnerable Software and Affected Versions iOS versions prior to 18.7.9 iOS versions prior to 26.5 iPadOS versions prior to 18.7.9 iPadOS versions prior to 26.5 macOS Sequoia versions prior to 15.7.7 macOS Sonoma versions prior to 14.8.7 macOS Tahoe versions prior to 26.5 tvOS versions...

7.5CVSS5.8AI score0.0044EPSS
Exploits0References10
Apple
Apple
added 2026/05/11 12:0 a.m.16 views

About the security content of iPadOS 17.7.11

About the security content of iPadOS 17.7.11 This document describes the security content of iPadOS 17.7.11. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...

6.2CVSS6AI score0.0288EPSS
Exploits0References1Affected Software1
Apple
Apple
added 2026/05/11 12:0 a.m.17 views

About the security content of iOS 15.8.8 and iPadOS 15.8.8

About the security content of iOS 15.8.8 and iPadOS 15.8.8 This document describes the security content of iOS 15.8.8 and iPadOS 15.8.8. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...

6.2CVSS6AI score0.0288EPSS
Exploits0References1Affected Software2
Apple
Apple
added 2026/05/11 12:0 a.m.16 views

About the security content of iOS 16.7.16 and iPadOS 16.7.16

About the security content of iOS 16.7.16 and iPadOS 16.7.16 This document describes the security content of iOS 16.7.16 and iPadOS 16.7.16. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred...

6.2CVSS6AI score0.0288EPSS
Exploits0References1Affected Software2
ATTACKERKB
ATTACKERKB
added 2026/05/08 7:7 p.m.9 views

CVE-2026-42282

n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to version 2.47.13, when n8n-mcp runs in HTTP transport mode, authenticated MCP tools/call requests had their full arguments and JSON-RPC params written to server logs by the...

4.3CVSS6AI score0.0025EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/05/08 11:30 a.m.8 views

CLSA-2026-1778239845 skopeo: Fix of 2 CVEs

CVE-2024-6104: backport go-retryablehttp URL redaction so basic-auth credentials embedded in request URLs are not written to logs/errors - CVE-2024-28180: backport go-jose decompression-bomb fix to both vendored major versions github.com/go-jose/go-jose/v3 and gopkg.in/square/go-jose.v2...

6CVSS6.7AI score0.01956EPSS
Exploits0References1
Rows per page
Query Builder