CVE-2026-28936

The issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sonoma 14.8.7, macOS Tahoe 26.5, visionOS 26.5. Processing a maliciously crafted file may lead to unexpected app termination...

Exploit for Server-Side Request Forgery in Internlm Lmdeploy

CVE-2026-33626 — LMDeploy Vision-Language SSRF Lab Overvie...

CVE-2026-28901

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper memory handling. Mitigation Do not process or load untrusted web content with WebKitGTK. In Red Hat Enterprise Linux 7, the following packages require WebKitGTK4:...

CVE-2026-28993

This issue was addressed by adding an additional prompt for user consent. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, visionOS 26.5. An app may be able to access user-sensitive data...

CVE-2026-28972

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to cause unexpected...

CVE-2026-28944

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash...

EUVD-2026-29533

Improper access control for some Intel Vision software for all versions within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable remote code execution. This result may potentially...

CVE-2026-20887

Improper access control for some Intel Vision software for all versions within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable remote code execution. This result may potentially...

CVE-2026-20887

Improper access control for some Intel Vision software for all versions within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable remote code execution. This result may potentially...

CVE-2026-20887

Improper access control for some Intel Vision software for all versions within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable remote code execution. This result may potentially...

CVE-2026-20887

Intel Vision software (all Ring 3 versions) is affected by CVE-2026-20887 due to improper access control. An unprivileged, unauthenticated attacker could trigger a low-complexity remote attack over the network to achieve remote code execution, with potential impacts to confidentiality (HIGH), and...

Intel Vision 访问控制错误漏洞

Intel Vision is an industry event and technology brand of Intel Corporation in the United States, focused on artificial intelligence, edge computing, and enterprise digitalization technologies. Intel Vision has a access control vulnerability, which stems from improper access control in Ring 3 Use...

Intel Vision Software Advisory

Summary: A potential security vulnerability for the Intel Vision software maintained by Intel may allow denial of service. Intel is not releasing updates to mitigate this potential vulnerability and has issued a Product Discontinuation Notice for Intel Vision software. Vulnerability Details: CVEI...

EUVD-2026-29248

The issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sonoma 14.8.7, macOS Tahoe 26.5, visionOS 26.5. Processing a maliciously crafted file may lead to unexpected app termination...

EUVD-2026-29227

The issue was addressed with improved memory handling. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash...

EUVD-2026-29218

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. A remote attacker may be able to cause unexpected app...

CVE-2026-28993

This issue was addressed by adding an additional prompt for user consent. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, visionOS 26.5. An app may be able to access user-sensitive data...

CVE-2026-43659

CVE-2026-43659 is a race condition in the Apple FileProvider component. The issue could allow an app to access sensitive user data and was mitigated by added validation. Apple fixed it in multiple platforms: iOS 18.7.9 / iPadOS 18.7.9; iOS 26.5 / iPadOS 26.5; macOS Sequoia 15.7.7; macOS Sonoma 14...

CVE-2026-28988

CVE-2026-28988 describes a permissions issue where an app may bypass certain Privacy preferences. The vulnerability is addressed in Apple security updates: iOS 26.5, iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5, and watchOS 26.5. The connected advisories (NCSC-2026-0138/0139 and Apple security no...

CVE-2026-28944

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash...