1178 matches found
CVE-2025-31272
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app may be able to bypass launch constraint protections and execute malicious code with elevated privileges...
Apple macOS 安全漏洞
Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. There are security vulnerabilities in versions of Apple macOS such as Sequoia 15.4, Sonoma 14.7.5, and Ventura 13.7.5. These vulnerabilities stem from insufficient checks, which may allow...
CVE-2026-11626
CleanWipe Removal Tool macOS, prior to 16.0.0.65, may be susceptible to an Local Privilege Escalation vulnerability, which is a type of issue whereby an attacker with limited privilege access on an affected system can escalate their privileges to gain administrative control...
PT-2026-48518
CleanWipe Removal Tool macOS, prior to 16.0.0.65, may be susceptible to an Local Privilege Escalation vulnerability, which is a type of issue whereby an attacker with limited privilege access on an affected system can escalate their privileges to gain administrative control...
EUVD-2026-35705
Omnissa Workspace ONE® Assist for macOS contains a Local Privilege Escalation Vulnerability...
CVE-2026-22926
Omnissa Workspace ONE® Assist for macOS contains a Local Privilege Escalation Vulnerability...
CVE-2026-22926
Technical details about CVE-2026-22926 are not publicly available in the provided documents. No affected versions, root cause, or remediation are specified. Monitor for updates from Omnissa and CVE listings.
CVE-2026-2638 X-VPN macOS website versions - Local Privilege Escalation
A vulnerability in the quarantine and restore workflow of the X-VPN macOS website versions 77.0 through 77.5 allow a local attacker to leverage a race condition and symlink manipulation to achieve privileged file corruption...
CVE-2026-11655
Integer overflow in Media in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
Waves Central 代码问题漏洞
Waves Central is an audio software licensing and product management tool developed by Waves Corporation. Versions of Waves Central for macOS from 13.0.9 to 16.5.5 contain code vulnerabilities. These vulnerabilities stem from the use of a trusted XPC client component that employs enhanced runtime...
Adobe Reader < 26.001.21662 Multiple Vulnerabilities (APSB26-63) (macOS)
The version of Adobe Reader installed on the remote macOS host is a version prior to 26.001.21662. It is, therefore, affected by multiple vulnerabilities. - Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result...
CVE-2026-11686
Insufficient validation of untrusted input in Dawn in Google Chrome on macOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
PT-2026-47558
Summary A electron run as node vulnerability was identified in actual macOS application, version 25.x Electron 39.2.7. Vulnerability Type: Electron Run As Node Description ELECTRON RUN AS NODE fuse enabled Electron 39.2.7 — app can be converted to Node.js REPL for arbitrary code execution Impact ...
SUSE CVE-2026-28904
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash...
CVE-2026-6892
Improper handling of symbolic links in the installer of CUPS Printer Driver for macOS may allow a local attacker with login privileges to exploit a specially crafted symbolic link during installation to modify permissions of directories for which they would not normally have authorization. :Canon...
CVE-2026-6891
Improper handling of symbolic links in the installer of My Image Garden for macOS Version 3.6.8 or earlier may allow a local attacker with login privileges to exploit a specially crafted symbolic link during installation to modify permissions of files for which they would not normally have...
CVE-2026-6891
CVE-2026-6891 affects My Image Garden for macOS (version 3.6.8 or earlier). The installer improperly handles symbolic links, enabling a local user with login privileges to exploit a specially crafted symbolic link during installation to modify permissions on files they normally wouldn’t be author...
Fake ChatGPT download site infects Windows and Mac users with malware
A convincing fake website is impersonating OpenAI’s ChatGPT download page and infecting visitors with malware designed to steal passwords, browser data, cryptocurrency wallets, and other sensitive information. The site, openew.app, closely mimics OpenAI’s real ChatGPT download experience and offe...
CVE-2025-43451
CVE-2025-43451: A permissions issue in macOS Tahoe 26 was fixed by removing the vulnerable code. The advisory states that an app may be able to access sensitive user data. The available connected documents corroborate the fix in macOS Tahoe 26 and do not provide additional exploit details or affe...
CVE-2025-46280
CVE-2025-46280 is an out-of-bounds read vulnerability addressed by improved bounds checking, fixed in macOS Tahoe 26 . The issue can allow an app to cause unexpected system termination. Affected software: macOS Tahoe 26. Root cause: insufficient bounds checking leading to an out-of-bounds read. I...