71 matches found
Apple Silicon Vulnerability Research — A18 Pro (MacBook Neo)
This is systematic security research targeting Apple's A18 Pro chip MacBook Neo / Mac17,5, the first A-series SoC shipped in a Mac laptop. The MacBook Neo is used as an authorized Apple Security Research Device SRD and doubles as a high-visibility proxy for iPhone 16 Pro research, since A18 Pro i...
Linux Distros Unpatched Vulnerability : CVE-2026-23323
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: hwmon: macsmc Fix regressions in Apple Silicon SMC hwmon driver The recently added...
SUSE CVE-2026-23323
In the Linux kernel, the following vulnerability has been resolved: hwmon: macsmc Fix regressions in Apple Silicon SMC hwmon driver The recently added macsmc-hwmon driver contained several critical bugs in its sensor population logic and float conversion routines. Specifically: - The voltage sens...
CVE-2026-23323
A flaw was found in the Linux kernel's macsmc-hwmon driver, which is responsible for managing hardware monitoring on Apple Silicon systems. Incorrect sensor population logic could lead to out-of-bounds memory access or data corruption. Additionally, a flaw in the float conversion routines could...
EUVD-2026-15276
In the Linux kernel, the following vulnerability has been resolved: hwmon: macsmc Fix regressions in Apple Silicon SMC hwmon driver The recently added macsmc-hwmon driver contained several critical bugs in its sensor population logic and float conversion routines. Specifically: - The voltage sens...
CVE-2026-23323
In the Linux kernel, the following vulnerability has been resolved: hwmon: macsmc Fix regressions in Apple Silicon SMC hwmon driver The recently added macsmc-hwmon driver contained several critical bugs in its sensor population logic and float conversion routines. Specifically: - The voltage sens...
UBUNTU-CVE-2026-23323
In the Linux kernel, the following vulnerability has been resolved: hwmon: macsmc Fix regressions in Apple Silicon SMC hwmon driver The recently added macsmc-hwmon driver contained several critical bugs in its sensor population logic and float conversion routines. Specifically: - The voltage sens...
CVE-2026-23323 hwmon: (macsmc) Fix regressions in Apple Silicon SMC hwmon driver
In the Linux kernel, the following vulnerability has been resolved: hwmon: macsmc Fix regressions in Apple Silicon SMC hwmon driver The recently added macsmc-hwmon driver contained several critical bugs in its sensor population logic and float conversion routines. Specifically: - The voltage sens...
CVE-2026-23323
In the Linux kernel, the following vulnerability has been resolved: hwmon: macsmc Fix regressions in Apple Silicon SMC hwmon driver The recently added macsmc-hwmon driver contained several critical bugs in its sensor population logic and float conversion routines. Specifically: - The voltage...
CVE-2026-23323
CVE-2026-23323 concerns the Linux kernel macsmc-hwmon driver on Apple Silicon. The issue stems from two concrete bugs: (1) sensor population logic using the wrong prefix (volt- vs voltage-) and mis-assigning sensors from the voltage array to the temperature array, risking out-of-bounds access or ...
CVE-2026-23323
In the Linux kernel, the following vulnerability has been resolved: hwmon: macsmc Fix regressions in Apple Silicon SMC hwmon driver The recently added macsmc-hwmon driver contained several critical bugs in its sensor population logic and float conversion routines. Specifically: - The voltage sens...
CVE-2026-23323 hwmon: (macsmc) Fix regressions in Apple Silicon SMC hwmon driver
In the Linux kernel, the following vulnerability has been resolved: hwmon: macsmc Fix regressions in Apple Silicon SMC hwmon driver The recently added macsmc-hwmon driver contained several critical bugs in its sensor population logic and float conversion routines. Specifically: - The voltage sens...
Exploit for CVE-2025-70342
CVE-2025-70342: Credential Interception via Named Pipe in eras...
Exploit for Use After Free in Apple Safari
CTT-Apple-Silicon-Refraction webkitrefraction.js The 33-Laye...
Cloud Agent in 2025: A Year of Scale, Security, and Smarter Visibility
As we move into 2026, 2025 stands out as a defining year for the Qualys Cloud Agent. In 2025, Cloud Agent delivered deeper visibility into running systems and applications , stronger security controls , expanded support across operating systems and architectures , and meaningful platform...
PYSEC-2025-138
MLX is an array framework for machine learning on Apple silicon. Prior to version 0.29.4, there is a heap buffer overflow in mlx::core::load when parsing malicious NumPy .npy files. Attacker-controlled file causes 13-byte out-of-bounds read, leading to crash or information disclosure. This issue...
CVE-2025-62609
MLX is an array framework for machine learning on Apple silicon. Prior to version 0.29.4, there is a segmentation fault in mlx::core::loadgguf when loading malicious GGUF files. Untrusted pointer from external gguflib library is dereferenced without validation, causing application crash. This iss...
PYSEC-2025-139
MLX is an array framework for machine learning on Apple silicon. Prior to version 0.29.4, there is a segmentation fault in mlx::core::loadgguf when loading malicious GGUF files. Untrusted pointer from external gguflib library is dereferenced without validation, causing application crash. This iss...
CVE-2025-62608
MLX is an array framework for machine learning on Apple silicon. Prior to version 0.29.4, there is a heap buffer overflow in mlx::core::load when parsing malicious NumPy .npy files. Attacker-controlled file causes 13-byte out-of-bounds read, leading to crash or information disclosure. This issue...
PYSEC-2025-139
MLX is an array framework for machine learning on Apple silicon. Prior to version 0.29.4, there is a segmentation fault in mlx::core::loadgguf when loading malicious GGUF files. Untrusted pointer from external gguflib library is dereferenced without validation, causing application crash. This iss...