Unspecified Vulnerability in Apple macOS (CNVD-2026-19648)

Apple macOS is a specialized operating system developed by Apple for Mac computers. A security vulnerability exists in Apple macOS, which stems from improper handling of temporary files, and can be exploited by an attacker to cause an application to access sensitive user data...

Apple macOS Integer Overflow Vulnerability

Apple macOS is a specialized operating system developed by Apple for Mac computers. An integer overflow vulnerability exists in Apple macOS, which can be exploited by an attacker to cause heap corruption when processing malicious strings...

Foxit PDF Editor for Mac < 13.2.3 / 14.0.3 / 2026.1 Multiple Vulnerabilities

According to its version, the Foxit PDF Editor for Mac application previously named Foxit PhantomPDF for Mac installed on the remote macOS host is prior to 2026.1/14.0.3/13.2.3. It is, therefore affected by multiple vulnerabilities: Note that Nessus has not tested for this issue but has instead...

3 SOC Process Fixes That Unlock Tier 1 Productivity

What is really slowing Tier 1 down: the threat itself or the process around it? In many SOCs, the biggest delays do not come from the threat alone. They come from fragmented workflows, manual triage steps, and limited visibility early in the investigation. Fixing those process gaps can help Tier ...

A week in security (March 23 &#8211; March 29)

Last week on Malwarebytes Labs: Criminals are renting virtual phones to bypass bank security Bogus Avast website fakes virus scan, installs Venom Stealer instead Infiniti Stealer: a new macOS infostealer using ClickFix and Python/Nuitka GlassWorm attack installs fake browser extension for...

Apple Security Advisory 03-24-2026-4

Apple Security Advisory 03-24-2026-4 - macOS Sequoia 15.7.5 addresses information leakage, integer overflow, null pointer, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities...

Apple Security Advisory 03-24-2026-3

Apple Security Advisory 03-24-2026-3 - macOS Tahoe 26.4 addresses buffer overflow, bypass, information leakage, null pointer, out of bounds access, out of bounds read, out of bounds write, and use-after-free vulnerabilities...

Apple macOS Exposure of Sensitive Information to Unauthorized Sphere Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within NVRAM variabl...

📄 Forcepoint One Endpoint macOS 25.08.5008 DLP Bypass

Forcepoint One Endpoint DLP Endpoint for macOS version 25.08.5008 with DLP Policy Engine version 10.2.0.298 allows a local standard non-admin user to bypass DLP content inspection and policy enforcement by sending SIGSTOP to user-owned browser helper processes Websense Endpoint Helper,...

Apple macOS CoreMedia Framework Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the CoreMedia framewor...

TeamPCP’s Telnyx Attack Marks a Shift in Tactics Beyond LiteLLM

Moving beyond their LiteLLM campaign, TeamPCP weaponizes the Telnyx Python SDK with stealthy WAV‑based payloads to steal credentials across Linux, macOS, and Windows...

CVE-2026-33874

Gematik Authenticator securely authenticates users for login to digital health applications. Starting in version 4.12.0 and prior to version 4.16.0, the Mac OS version of the Authenticator is vulnerable to remote code execution, triggered when victims open a malicious file. Update the gematik...

CVE-2026-33632

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.4, two file operation event types — ESEVENTTYPEAUTHEXCHANGEDATA and ESEVENTTYPEAUTHCLONE — were not intercepted by ClearanceKit's opfilter system extension, allowing local...

CVE-2021-27205

Telegram before 7.4 212543 Stable on macOS stores the local copy of self-destructed messages in a sandbox path, leading to sensitive information disclosure...

PT-2026-28545

Name of the Vulnerable Software and Affected Versions Gematik Authenticator versions 4.12.0 through 4.15.9 Description The Gematik Authenticator, used for secure user authentication in digital health applications, has a flaw on Mac OS systems. Opening a specially crafted file can lead to remote...

GIMP < 3.2.0 Multiple Vulnerabilities (macOS)

The version of GIMP installed on the remote macOS host is prior to 3.2.0. It is, therefore, affected by multiple vulnerabilities: - An integer overflow condition exists in PSD file parsing due to improper validation of user-supplied data. An unauthenticated, local attacker can exploit this, via a...

CVE-2026-33632

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.4, two file operation event types — ESEVENTTYPEAUTHEXCHANGEDATA and ESEVENTTYPEAUTHCLONE — were not intercepted by ClearanceKit's opfilter system extension, allowing local...

CVE-2026-33632

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.4, two file operation event types — ESEVENTTYPEAUTHEXCHANGEDATA and ESEVENTTYPEAUTHCLONE — were not intercepted by ClearanceKit's opfilter system extension, allowing local...

CVE-2026-33632 ClearanceKit: opfilter policy bypass via exchangedata and clone operations

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.4, two file operation event types — ESEVENTTYPEAUTHEXCHANGEDATA and ESEVENTTYPEAUTHCLONE — were not intercepted by ClearanceKit's opfilter system extension, allowing local...

CVE-2026-33632 ClearanceKit: opfilter policy bypass via exchangedata and clone operations

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to version 4.2.4, two file operation event types — ESEVENTTYPEAUTHEXCHANGEDATA and ESEVENTTYPEAUTHCLONE — were not intercepted by ClearanceKit's opfilter system extension, allowing local...