CVE-2026-28940

CVE-2026-28940 affects Apple platforms via a memory-corruption flaw when processing maliciously crafted images. According to connected advisories, the vulnerability is addressed in: iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5; macOS Sequoia 15.7.7; macOS Tahoe 26.5; tvOS 26.5; and visi...

CVE-2026-20691

A flaw was found in WebKitGTK. A maliciously crafted web page can cause an authorization issue due to improper state management and may be able to fingerprint the user. Mitigation Do not visit untrusted web pages or load untrusted web content with WebKitGTK. In Red Hat Enterprise Linux 7, the...

CVE-2026-20631

A logic issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.4. A user may be able to elevate privileges...

[updated] Google patches two Chrome zero-days under active attack

Update March 16, 2026 Earlier this week, Google incorrectly reported that an actively exploited vulnerability in Chrome had been fixed, and has now announced it will roll out a new update to protect users against the vulnerability tracked as CVE-2026-3909. Original content: Google has released an...

CVE-2018-4419

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1...

CVE-2018-4280

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2...

CVE-2018-4447

A memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2...

CVE-2018-4340

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5...

CVE-2018-4421

A memory initialization issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1...

CVE-2025-46281

A logic issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.2. An app may be able to break out of its sandbox...

📄 macOS 18.3.2 VM_BEHAVIOR_ZERO_WIRED_PAGES Handling

A vulnerability exists in the way macOS handles VMBEHAVIORZEROWIREDPAGES combined with mmap + mlock + vmdeallocate on a read-only mapped file. A local attacker may trigger abnormal kernel behavior depending on system conditions. This proof of concept is purely academic and demonstrates a controll...

CVE-2025-43389

A privacy issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, visionOS 26.1. An app may be able to access sensitive user data...

PT-2025-51003

Name of the Vulnerable Software and Affected Versions macOS versions prior to 26.1 Description An issue existed where an application could potentially escape its sandbox restrictions. This could allow an application to gain broader access to the system than intended. Recommendations Update to mac...

EUVD-2018-16246

Malware in sbrugna...

EUVD-2017-5361

Malware in sbrugna...

EUVD-2024-24994

Malicious code in bioql PyPI...

EUVD-2024-24982

Malicious code in bioql PyPI...

macOS 14.x < 14.7.8 (124928)

The remote host is running a version of macOS / Mac OS X that is 14.x prior to 14.7.8. It is, therefore, affected by a vulnerability: - Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticat...

PT-2025-31271 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.6 Description: A logic issue existed due to insufficient checks. Processing maliciously crafted web content may lead to an unexpected Safari crash. Recommendations: Update to macOS version 15.6...

PT-2025-31326 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.6 Description: An authorization issue was addressed with improved state management. A local attacker may gain access to Keychain items. Recommendations: Update to macOS version 15.6...