CVE-2026-20617

A race condition was addressed with improved state handling. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to gain root privileges...

CVE-2026-20641

A privacy issue was addressed with improved checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An app may be able to identify what other apps a user has install...

CVE-2026-20677

CVE-2026-20677 is a race-condition vulnerability related to handling of symbolic links that could allow bypassing sandbox restrictions. Apple fixes indicate this issue affects iOS/iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sonoma 14.8.4, macOS Tahoe 26.3, and visionOS 26.3. The root cause is ...

CVE-2026-20636

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2025-46302

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4. A malicious HID device may cause an unexpected process crash...

CVE-2026-20650

A denial-of-service issue was addressed with improved validation. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker in a privileged network position may be able to perform denial-of-service attack using crafted Bluetooth packets...

CVE-2026-20650

A denial-of-service issue was addressed with improved validation. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker in a privileged network position may be able to perform denial-of-service attack using crafted Bluetooth packets...

CVE-2026-20611

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. Processing a maliciously crafted media fil...

CVE-2026-20611

CoreAudio in Apple platforms is affected by CVE-2026-20611, an out-of-bounds access issue that can cause an app to terminate or memory corruption when processing a malicious media file. Affected products/versions include iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4...

CVE-2026-20627

An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in watchOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to access sensitive user data...

CVE-2026-20627

An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3, watchOS 26.3. An app may be able to access sensitive user data...

CVE-2026-20627

An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3, watchOS 26.3. An app may be able to access sensitive user data...

CVE-2026-20627

CVE-2026-20627 involves an issue in the handling of environment variables that Apple fixed by improved validation. The vulnerability affects multiple Apple platforms and is addressed in watchOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3, iOS 26.3, and iPadOS 26.3 (and macOS Sonoma...

CVE-2026-20626

CVE-2026-20626 affects Apple platforms including iOS, iPadOS, macOS Sequoia 15.7.4, macOS Tahoe 26.3, and visionOS 26.3. The issue is a local-privilege-elevation vulnerability where a malicious app may gain root privileges; CVSS indicates local access, low privileges, no user interaction, and hig...

CVE-2025-46304

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4. A malicious HID device may cause an unexpected process crash...

CVE-2026-20667

CVE-2026-20667 is a logic‑issue in Apple platforms that could allow an app to break out of its sandbox. It is fixed in iOS/iPadOS 26.3, watchOS 26.3, and macOS updates: Sequoia 15.7.4, Sonoma 14.8.4, Tahoe 26.3. Connected sources confirm the root cause and affected products; exploitation status i...

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Both Apple iOS and Apple iPadOS have security vulnerabilities that stem from authorization issues, which may...

PT-2026-7798

Name of the Vulnerable Software and Affected Versions macOS Tahoe versions 26.3 macOS Sonoma versions 14.8.4 macOS Sequoia version 15.7.4 watchOS versions 26.3 tvOS versions 26.3 iOS versions 18.7.5 and 26.3 iPadOS versions 18.7.5 and 26.3 visionOS version 26.3 Description Processing a maliciousl...

PT-2026-7780

Name of the Vulnerable Software and Affected Versions watchOS versions prior to 26.3 iOS versions prior to 26.3 iPadOS versions prior to 26.3 tvOS versions prior to 26.3 macOS versions prior to Tahoe 26.3 Description A logging issue allowed potential viewing of sensitive user information due to...

PT-2026-7795

Name of the Vulnerable Software and Affected Versions macOS Sequoia versions prior to 15.7.4 macOS Sonoma versions prior to 14.8.4 macOS Tahoe versions prior to 26.3 tvOS versions prior to 26.3 watchOS versions prior to 26.3 iOS versions prior to 18.7.5 iPadOS versions prior to 18.7.5 visionOS...