CVE-2026-47430

Summary The iOS implementation of cordova-plugin-inappbrowser passes the id field from a WKScriptMessage body to commandDelegate sendPluginResult:callbackId: with no format validation CDVWKInAppBrowser.m:560–574. Any web content loaded inside the InAppBrowser can fire any pending Cordova callback...

CVE-2026-10951

Use after free in Autofill in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2026-11277

Insufficient policy enforcement in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...

CVE-2026-28974

CVE-2026-28974 affects Apple platforms and is described as a denial-of-service risk due to an issue where an app could trigger unauthorized actions. Connected advisories confirm fixes in iOS/iPadOS 26.5, macOS Sequoia 15.7.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, and watchOS 26.5. Affected ...

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. There were security vulnerabilities in versions of Apple iOS before 18.7.9, as well as versions before 26.4,...

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Versions of Apple iOS prior to 26.5 and iPadOS prior to 26.5 contained security vulnerabilities. These...

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in navigation in Google Chrome on iOS prior to 90.0.4430.72 allowed a remote attacker to bypass navigation restrictions through a crafted HTML page...

EUVD-2026-26187

Use after free in iOS in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-28858

CVE-2026-28858 affects Apple iOS/iPadOS kernels: a buffer overflow caused by insufficient bounds checking in input processing can lead to kernel memory corruption and potential remote code execution. The issue is fixed in iOS 26.4 / iPadOS 26.4; update to apply the mitigation. Reported vectors ar...

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Versions of Apple iOS prior to 26.4 and iPadOS prior to 26.4 contained security vulnerabilities. These...

Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14274)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial-of-service vulnerability exists in several Apple products, which can be exploited by attackers to...

Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14272)

Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for iPad tablets.Apple macOS Sequoia is an operating system.... A denial-of-service vulnerability exists in multiple Apple products, which can be exploited by an attacker to cause a malicious HID...

Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14482)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial of service vulnerability exists in multiple Apple products due to an error in the WebKit component...

Security Bypass Vulnerability in Multiple Apple Products (CNVD-2026-14479)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A security bypass vulnerability exists in multiple Apple products, which is caused by a permissions issue i...

Unspecified Vulnerability in Multiple Apple Products (CNVD-2026-14483)

Apple iOS is an operating system developed for mobile devices. apple tvOS is a smart TV operating system. apple watchOS is a smart watch operating system. A security vulnerability exists in several Apple products that can be exploited by an attacker to cause an app to recognize other apps install...

Denial of Service Vulnerability in Multiple Apple Products (CNVD-2026-14273)

Apple iOS is an operating system developed for mobile devices.Apple macOS is a specialized operating system developed for Mac computers.Apple iPadOS is an operating system for iPad tablets. A denial-of-service vulnerability exists in several Apple products, which can be exploited by attackers to...

CVE-2025-46303

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. A malicious HID device may cause an unexpected process crash...

CVE-2026-20608

This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2026-20617

A race condition was addressed with improved state handling. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An app may be able to gain root privileges...

CVE-2025-46302

CVE-2025-46302: Apple fixed an issue causing a malicious HID device to trigger an unexpected process crash by addressing bounds-check vulnerabilities. Affected products/versions include iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe ...