Lucene search
K

1178 matches found

Cvelist
Cvelist
added 2026/06/11 6:47 p.m.29 views

CVE-2025-31272

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app may be able to bypass launch constraint protections and execute malicious code with elevated privileges...

0.00115EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.13 views

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. There are security vulnerabilities in versions of Apple macOS such as Sequoia 15.4, Sonoma 14.7.5, and Ventura 13.7.5. These vulnerabilities stem from insufficient checks, which may allow...

5.5CVSS5.4AI score0.00127EPSS
Exploits0References1
NVD
NVD
added 2026/06/10 7:16 p.m.14 views

CVE-2026-11626

CleanWipe Removal Tool macOS, prior to 16.0.0.65, may be susceptible to an Local Privilege Escalation vulnerability, which is a type of issue whereby an attacker with limited privilege access on an affected system can escalate their privileges to gain administrative control...

5.4CVSS0.00107EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.17 views

PT-2026-48518

CleanWipe Removal Tool macOS, prior to 16.0.0.65, may be susceptible to an Local Privilege Escalation vulnerability, which is a type of issue whereby an attacker with limited privilege access on an affected system can escalate their privileges to gain administrative control...

5.4CVSS5.4AI score0.00107EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/09 6:30 p.m.10 views

EUVD-2026-35705

Omnissa Workspace ONE® Assist for macOS contains a Local Privilege Escalation Vulnerability...

7.8CVSS5.4AI score0.00132EPSS
Exploits0References3
NVD
NVD
added 2026/06/09 5:17 p.m.12 views

CVE-2026-22926

Omnissa Workspace ONE® Assist for macOS contains a Local Privilege Escalation Vulnerability...

7.8CVSS0.00132EPSS
Exploits0References2
CVE
CVE
added 2026/06/09 4:34 p.m.32 views

CVE-2026-22926

Technical details about CVE-2026-22926 are not publicly available in the provided documents. No affected versions, root cause, or remediation are specified. Monitor for updates from Omnissa and CVE listings.

7.8CVSS5.4AI score0.00132EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/09 11:21 a.m.9 views

CVE-2026-2638 X-VPN macOS website versions - Local Privilege Escalation

A vulnerability in the quarantine and restore workflow of the X-VPN macOS website versions 77.0 through 77.5 allow a local attacker to leverage a race condition and symlink manipulation to achieve privileged file corruption...

7.3CVSS5.4AI score0.00085EPSS
Exploits0References4
NVD
NVD
added 2026/06/09 12:16 a.m.9 views

CVE-2026-11655

Integer overflow in Media in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS0.00242EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.11 views

Waves Central 代码问题漏洞

Waves Central is an audio software licensing and product management tool developed by Waves Corporation. Versions of Waves Central for macOS from 13.0.9 to 16.5.5 contain code vulnerabilities. These vulnerabilities stem from the use of a trusted XPC client component that employs enhanced runtime...

7.8CVSS5.7AI score0.00151EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.16 views

Adobe Reader < 26.001.21662 Multiple Vulnerabilities (APSB26-63) (macOS)

The version of Adobe Reader installed on the remote macOS host is a version prior to 26.001.21662. It is, therefore, affected by multiple vulnerabilities. - Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result...

7.8CVSS7.4AI score0.00285EPSS
Exploits0References22
ATTACKERKB
ATTACKERKB
added 2026/06/08 11:27 p.m.7 views

CVE-2026-11686

Insufficient validation of untrusted input in Dawn in Google Chrome on macOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.5AI score0.00171EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.14 views

PT-2026-47558

Summary A electron run as node vulnerability was identified in actual macOS application, version 25.x Electron 39.2.7. Vulnerability Type: Electron Run As Node Description ELECTRON RUN AS NODE fuse enabled Electron 39.2.7 — app can be converted to Node.js REPL for arbitrary code execution Impact ...

4.8CVSS6AI score
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/04 2:27 a.m.10 views

SUSE CVE-2026-28904

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash...

6.5CVSS5.8AI score0.00411EPSS
Exploits0References10
NVD
NVD
added 2026/05/29 12:16 a.m.15 views

CVE-2026-6892

Improper handling of symbolic links in the installer of CUPS Printer Driver for macOS may allow a local attacker with login privileges to exploit a specially crafted symbolic link during installation to modify permissions of directories for which they would not normally have authorization. :Canon...

5.1CVSS0.00123EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/28 11:59 p.m.43 views

CVE-2026-6891

Improper handling of symbolic links in the installer of My Image Garden for macOS Version 3.6.8 or earlier may allow a local attacker with login privileges to exploit a specially crafted symbolic link during installation to modify permissions of files for which they would not normally have...

5.1CVSS0.00123EPSS
Exploits0References4
CVE
CVE
added 2026/05/28 11:59 p.m.27 views

CVE-2026-6891

CVE-2026-6891 affects My Image Garden for macOS (version 3.6.8 or earlier). The installer improperly handles symbolic links, enabling a local user with login privileges to exploit a specially crafted symbolic link during installation to modify permissions on files they normally wouldn’t be author...

5.1CVSS5.8AI score0.00123EPSS
Exploits0References4
Malwarebytes
Malwarebytes
added 2026/05/28 10:18 a.m.104 views

Fake ChatGPT download site infects Windows and Mac users with malware

A convincing fake website is impersonating OpenAI’s ChatGPT download page and infecting visitors with malware designed to steal passwords, browser data, cryptocurrency wallets, and other sensitive information. The site, openew.app, closely mimics OpenAI’s real ChatGPT download experience and offe...

5.6AI score
Exploits0
CVE
CVE
added 2026/05/26 9:32 p.m.24 views

CVE-2025-43451

CVE-2025-43451: A permissions issue in macOS Tahoe 26 was fixed by removing the vulnerable code. The advisory states that an app may be able to access sensitive user data. The available connected documents corroborate the fix in macOS Tahoe 26 and do not provide additional exploit details or affe...

5.5CVSS5.8AI score0.00135EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/05/26 9:32 p.m.25 views

CVE-2025-46280

CVE-2025-46280 is an out-of-bounds read vulnerability addressed by improved bounds checking, fixed in macOS Tahoe 26 . The issue can allow an app to cause unexpected system termination. Affected software: macOS Tahoe 26. Root cause: insufficient bounds checking leading to an out-of-bounds read. I...

5.5CVSS5.8AI score0.00136EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder