CVE-2026-28922

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to access private information...

CVE-2026-28910

This issue was addressed with improved permissions checking. This issue is fixed in macOS Tahoe 26.4. A malicious app may be able to access arbitrary files...

CVE-2026-28908

A denial of service issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to modify protected parts of the file system...

CVE-2026-28830

A race condition was addressed with additional validation. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data...

CVE-2026-28840

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.4. An app may be able to gain root privileges...

CVE-2026-20696

An authorization issue was addressed with improved state management. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data...

CVE-2026-28976

The CVE-2026-28976 entry describes an information leakage vulnerability in macOS that is mitigated by additional validation and fixed in macOS Tahoe 26.5. The CVSS v3.1 baseline score is 7.5 (HIGH), with network attack vector, no user interaction, and no privilege requirement, but with high confi...

CVE-2026-28848

A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.7.7, macOS Tahoe 26.5. A remote attacker may be able to cause unexpected system termination...

CVE-2026-28848

CVE-2026-28848 affects macOS Sequoia and Tahoe, with a buffer overflow caused by data exceeding memory boundaries. The PT-2026-39763 advisory confirms affected software: macOS Sequoia prior to 15.7.7 and macOS Tahoe prior to 26.5. The issue was addressed by improved bounds checking, and a remote ...

CVE-2026-28940

CVE-2026-28940 affects Apple platforms via a memory-corruption flaw when processing maliciously crafted images. According to connected advisories, the vulnerability is addressed in: iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5; macOS Sequoia 15.7.7; macOS Tahoe 26.5; tvOS 26.5; and visi...

CVE-2026-28901

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2026-28941

The issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Tahoe 26.5. Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents...

CVE-2026-43652

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.5. An app may be able to access protected user data...

CVE-2026-43652

CVE-2026-43652 is a permissions issue fixed in macOS Tahoe 26.5. The advisory states that an app may be able to access protected user data, and the remediation is the Tahoe 26.5 update. The entry includes a CVSS v3.1 base score of 7.5 (Impact: Confidentiality High; no Integrity/Availability impac...

CVE-2026-28961

The CVE-2026-28961 entry affects macOS Tahoe and is fixed in macOS Tahoe 26.5. The issue could allow an attacker with physical access to a locked device to view sensitive user information; the description notes this was addressed with improved checks. The available documents point to a hardware/s...

CVE-2026-28961

This issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.5. An attacker with physical access to a locked device may be able to view sensitive user information...

CVE-2026-28961

This issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.5. An attacker with physical access to a locked device may be able to view sensitive user information...

CVE-2026-28977

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing a maliciously crafted file may lead to unexpected app...

CVE-2026-28920

An information leakage was addressed with additional validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Visiting a maliciously crafted website may leak...

CVE-2026-28985

A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5. An attacker on the local network may be able to cause a denial-of-service...