CVE-2026-28860

The issue was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A local attacker may be able to modify the state of the...

CVE-2026-20608

A flaw was found in WebKitGTK. Processing malicious web content can cause an unexpected process crash due to improper state management. Mitigation Do not process or load untrusted web content with WebKitGTK. In Red Hat Enterprise Linux 7, the following packages require WebKitGTK4:...

CVE-2026-20617

A race condition was addressed with improved state handling. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An app may be able to gain root privileges...

PT-2026-7755

Name of the Vulnerable Software and Affected Versions macOS versions prior to Sonoma 14.8.4 watchOS versions prior to 26.3 tvOS versions prior to 26.3 visionOS versions prior to 26.3 iOS versions prior to 26.3 iPadOS versions prior to 26.3 Description A race condition existed due to improper stat...

PT-2026-7798

Name of the Vulnerable Software and Affected Versions macOS Tahoe versions 26.3 macOS Sonoma versions 14.8.4 macOS Sequoia version 15.7.4 watchOS versions 26.3 tvOS versions 26.3 iOS versions 18.7.5 and 26.3 iPadOS versions 18.7.5 and 26.3 visionOS version 26.3 Description Processing a maliciousl...

EUVD-2025-3636

Malicious code in bioql PyPI...

EUVD-2025-14615

Malicious code in bioql PyPI...

EUVD-2025-23110

Malicious code in bioql PyPI...

Astra Linux – Vulnerability in WebKit2GTK

A “use-after-free” issue has been addressed through improved memory management. This issue is fixed in Safari 18.4, iOS 18.4, iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, visionOS 2.4, and watchOS 11.4. Processing maliciously crafted web content may lead to an unexpected Safari cras...

SUSE CVE-2025-31205

The issue was addressed with improved checks. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. A malicious website may exfiltrate data cross-origin...

CVE-2025-31215

The issue was addressed with improved checks. This issue is fixed in Safari 18.5, iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, tvOS 18.5, visionOS 2.5, watchOS 11.5. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2025-31202

CVE-2025-31202 affects Apple platforms via AirPlay components (e.g., AirPlay in Vision Pro, iOS/iPadOS, macOS, tvOS, visionOS). Root cause: a null pointer dereference fixed by input validation improvements. Impact: attacker on the local network can cause a denial-of-service. Affected versions inc...

CVE-2025-30470

A path handling issue was addressed with improved logic. This issue is fixed in visionOS 2.4, macOS Ventura 13.7.5, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to read sensitive location information...

DEBIAN-CVE-2024-54467

A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18, iOS 18 and iPadOS 18, macOS Sequoia 15, tvOS 18, visionOS 2, watchOS 11. A malicious website may exfiltrate data cross-origin...

DEBIAN-CVE-2024-44308

The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, iOS 18.1.1 and iPadOS 18.1.1, macOS Sequoia 15.1.1, visionOS 2.1.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that th...

CVE-2024-44167

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.7, visionOS 2, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to overwrite arbitrary files...