Cisco IOS Software HTTP Server DoS (cisco-sa-ios-http-dos-sbv8XRpL)

According to its self-reported version, Cisco IOS is affected by a vulnerability. - A denial of service DoS vulnerability exists in Cisco IOS Software due to improper validation of user-supplied input. An authenticated remote attacker can exploit this issue, via sending malformed HTTP requests to...

CVE-2026-5898

Incorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

CVE-2026-5898

Incorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

CVE-2026-5895

Incorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted domain name. Chromium security severity: Low...

CVE-2026-5895

Incorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted domain name. Chromium security severity: Low...

CVE-2026-5895

Incorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted domain name. Chromium security severity: Low...

PT-2026-31516

Incorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

OpenClaw: iOS A2UI bridge trusted generic local-network pages for agent.request dispatch

Summary Before OpenClaw 2026.4.2, the iOS A2UI bridge treated generic local-network pages as trusted bridge origins. A page loaded from a local-network or tailnet host could trigger agent.request dispatch without the stricter trusted-canvas origin check. Impact A loaded attacker-controlled page...

GHSA-4P4F-FC8Q-84M3 OpenClaw: iOS A2UI bridge trusted generic local-network pages for agent.request dispatch

Summary Before OpenClaw 2026.4.2, the iOS A2UI bridge treated generic local-network pages as trusted bridge origins. A page loaded from a local-network or tailnet host could trigger agent.request dispatch without the stricter trusted-canvas origin check. Impact A loaded attacker-controlled page...

Google Chrome for iOS 安全漏洞

Google Chrome for iOS is a web browser based on the iOS platform developed by Google Inc. Versions of Google Chrome for iOS prior to 147.0.7727.55 contained a security vulnerability. This vulnerability stemmed from incorrect Omnibox security UI behavior, which could allow remote attackers to...

VulnCheck KEV: CVE-2025-43532

A memory corruption issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing malicious data may lead to unexpect...

Google Chrome for iOS 安全漏洞

Google Chrome for iOS is a web browser based on the iOS platform developed by Google Inc. Versions of Google Chrome for iOS prior to 147.0.7727.55 contained a security vulnerability. This vulnerability stemmed from incorrect security UI in the address bar, which could allow remote attackers to...

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

Cybersecurity researchers have discovered a new version of the SparkCat malware on the Apple App Store and Google Play Store, more than a year after the trojan was discovered targeting both the mobile operating systems. The malware has been found to conceal itself within seemingly benign apps, su...

Cisco IOS Software IKEv2 DoS (cisco-sa-asa-ftd-ios-dos-kPEpQGGK)

According to its self-reported version, Cisco IOS Software is affected by a vulnerability. - A vulnerability in the Internet Key Exchange version 2 IKEv2 feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service DoS...

CVE-2025-43202

This issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6. Processing a file may lead to memory corruption...

CVE-2025-43202

This issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6. Processing a file may lead to memory corruption...

Apple expands “DarkSword” patches to iOS 18.7.7

Apple widened its latest iOS 18 security update to cover far more iPhones and iPads, specifically to stop real‑world DarkSword attacks that can compromise a device from a single website visit. After researchers published their findings about the DarkSword attacks and an exploit kit abusing the...

Apple Will Push Out Rare ‘Backported’ Patches to Protect iOS 18 Users From DarkSword Hacking Tool

As DarkSword spreads, Apple tells WIRED it will enable iOS 18-specific fixes for millions of iPhone owners who remain on that iOS version rather than force them to update to iOS 26...

SUSE CVE-2026-28857

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may lead to an unexpected process crash...

SUSE CVE-2026-28859

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A malicious website may be able to process restricted web content outside the sandbox...