Skip to main content

Apple

8071 CVEs vendor

Monthly

CVE-2026-28826 MEDIUM PATCH This Month

A logic issue in macOS Tahoe allows a malicious application to escape its sandbox and execute code outside of the restricted security boundary. This vulnerability affects macOS versions prior to 26.4 and represents a critical sandbox bypass that could enable arbitrary code execution with elevated privileges. While no CVSS score or active exploitation data is currently available, the sandbox escape capability makes this a high-priority patch for all affected macOS users.

Apple Information Disclosure
NVD VulDB
CVSS 3.1
4.0
EPSS
0.0%
CVE-2026-28871 MEDIUM PATCH This Month

A cross-site scripting (XSS) vulnerability exists in Apple's Safari browser and iOS/iPadOS operating systems due to insufficient input validation in website content handling. An attacker can craft a malicious website that, when visited by a user, executes arbitrary JavaScript in the context of the victim's browser, potentially stealing credentials, session tokens, or performing actions on behalf of the user. Apple has released patches across Safari 26.4, iOS 18.7.7, iPadOS 18.7.7, iOS 26.4, iPadOS 26.4, and macOS Tahoe 26.4 to address this logic flaw, though no CVSS score, EPSS data, or KEV status has been publicly disclosed, suggesting this may be a proactive disclosure rather than an actively exploited vulnerability.

Apple XSS Red Hat Suse
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-20684 LOW PATCH Monitor

A permissions validation flaw in macOS Tahoe allows applications to circumvent Gatekeeper security checks, potentially enabling execution of untrusted or malicious code that would normally be blocked by Apple's code signing and notarization mechanisms. This vulnerability affects macOS Tahoe versions prior to 26.4 and is fixed in the 26.4 release. An attacker with the ability to distribute a specially crafted application could bypass endpoint security controls designed to protect users from unsigned or malicious software.

Apple Authentication Bypass
NVD VulDB
CVSS 3.1
3.3
EPSS
0.0%
CVE-2026-20651 MEDIUM PATCH This Month

A privacy vulnerability in macOS allows applications to access sensitive user data through improper handling of temporary files. The issue affects macOS Sequoia (versions prior to 15.7.5), macOS Sonoma (versions prior to 14.8.4), and macOS Tahoe (versions prior to 26.3). An unprivileged application could exploit weak temporary file protections to read or manipulate sensitive data, though no active exploitation in the wild or public proof-of-concept has been confirmed at this time.

Apple Information Disclosure macOS
NVD VulDB
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-33545 PyPI MEDIUM PATCH This Month

A SQL injection vulnerability (CVSS 5.3). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

SQLi Denial Of Service Information Disclosure Python Apple +1
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-2375 MEDIUM This Month

The App Builder - Create Native Android & iOS Apps On The Flight WordPress plugin up to version 5.5.10 contains a privilege escalation vulnerability in its REST API registration endpoint that allows unauthenticated attackers to register accounts with the wcfm_vendor role, bypassing WCFM Marketplace's vendor approval workflow. The verify_role() function in AuthTrails.php explicitly whitelists the wcfm_vendor role without proper authorization checks, enabling attackers to immediately gain vendor-level privileges including product management, order access, and store management on affected WordPress installations. This vulnerability has a CVSS score of 6.5 with low attack complexity and no authentication requirements, making it a moderate-to-significant risk for WordPress sites using both this plugin and WCFM Marketplace.

Apple Google WordPress PHP Privilege Escalation
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-32810 MEDIUM This Month

Halloy, an IRC application written in Rust, fails to properly restrict file permissions on its configuration directory and files on *nix and macOS systems prior to commit f180e41061db393acf65bc99f5c5e7397586d9cb, resulting in world-readable access to plaintext credentials. Any local user on an affected system can read sensitive authentication data stored in config.toml or referenced password files, leading to credential compromise. While no CVSS score or EPSS data is currently available, the vulnerability represents a direct information disclosure risk with low exploitation complexity.

Information Disclosure Apple macOS Suse
NVD GitHub VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-33419 Go CRITICAL PATCH Act Now

MinIO AIStor's Security Token Service (STS) AssumeRoleWithLDAPIdentity endpoint contains two combined vulnerabilities that enable LDAP credential brute-forcing: distinguishable error messages allowing username enumeration (CWE-204) and missing rate limiting (CWE-307). All MinIO deployments through the final open-source release with LDAP authentication enabled are affected. Unauthenticated network attackers can enumerate valid LDAP usernames, perform unlimited password guessing attacks, and obtain temporary AWS-style STS credentials granting full access to victim users' S3 buckets and objects.

Microsoft Docker Information Disclosure Apple Nginx +1
NVD GitHub VulDB
CVSS 4.0
9.1
EPSS
0.1%
CVE-2026-32318 HIGH PATCH This Week

A man-in-the-middle vulnerability in Cryptomator for iOS versions prior to 2.8.3 allows attackers who can modify the vault.cryptomator configuration file to intercept authentication tokens by substituting malicious API endpoints while maintaining legitimate authentication endpoints. This affects users unlocking Hub-backed vaults in environments where attackers have write access to vault configuration files. No evidence of active exploitation (not in CISA KEV) has been reported, and patches are available.

Information Disclosure Hashicorp Apple iOS
NVD GitHub VulDB
CVSS 3.1
7.6
EPSS
0.0%
CVE-2026-31382 MEDIUM This Month

A Reflected Cross-Site Scripting (XSS) vulnerability exists in the error_description parameter of Gainsight Assist, allowing unauthenticated attackers to inject malicious JavaScript payloads that execute in victims' browsers. The vulnerability is particularly dangerous because attackers can bypass the application's Web Application Firewall (WAF) using Safari-specific event handlers such as onpagereveal, which are not typically filtered by standard XSS protections. While the CVSS score of 6.1 indicates moderate severity with limited direct impact (integrity and availability degradation rather than confidentiality breach), the attack requires minimal technical complexity and no special privileges, making it exploitable by any attacker who can craft a malicious URL and socially engineer a victim into clicking it.

XSS Apple
NVD VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-32016 npm HIGH PATCH This Week

OpenClaw prior to version 2026.2.22 on macOS allows local attackers with user-level privileges to execute unauthorized binaries by bypassing path validation in the exec-approval allowlist mode through basename-only entries. An attacker can execute same-named local binaries without approval when the security allowlist policy is enabled, circumventing intended path-based restrictions. A patch is not currently available.

Apple Authentication Bypass macOS
NVD GitHub VulDB
CVSS 4.0
7.3
EPSS
0.0%
CVE-2026-33344 Go HIGH PATCH This Week

Path traversal in Apple and Kubernetes DAG management APIs allows authenticated attackers to access arbitrary files outside the intended directory by injecting URL-encoded forward slashes into file name parameters on GET, DELETE, RENAME, and EXECUTE endpoints. The vulnerability affects systems where a previous patch (CVE-2026-27598) only secured the CREATE endpoint while leaving other API functions unprotected. An attacker with valid credentials can read, modify, or execute unintended DAG files on the affected system.

Path Traversal Apple Kubernetes macOS Suse
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
3.0%
CVE-2026-33322 Go CRITICAL PATCH Act Now

JWT algorithm confusion in MinIO's OpenID Connect authentication enables attackers with knowledge of the OIDC ClientSecret to forge identity tokens and obtain S3 credentials with unrestricted IAM policies, including administrative access. Affected users can have their identities impersonated and their data accessed, modified, or deleted with 100% attack success rate. The vulnerability impacts MinIO deployments across Docker, Apple, and Microsoft platforms, with no patch currently available.

Information Disclosure Docker Apple Microsoft Suse
NVD GitHub VulDB
CVSS 4.0
9.2
EPSS
0.0%
CVE-2026-33292 PHP HIGH This Week

Unauthenticated attackers can stream any private or paid video in PHP, Oracle, and Apple applications through a path traversal vulnerability in the HLS streaming endpoint. The flaw exploits a split-oracle condition where authorization validation and file access use different parsing logic on the videoDirectory parameter, allowing attackers to bypass authentication checks while accessing unauthorized content. No patch is currently available for this high-severity vulnerability.

PHP Path Traversal Oracle Apple
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-33320 Go MEDIUM PATCH This Month

The dasel YAML reader contains an unbounded alias expansion vulnerability (CWE-674) that allows attackers to trigger extreme CPU and memory consumption through specially crafted YAML documents. Affected versions include dasel v3.0.0 through v3.3.1 and the current default branch. An attacker who can supply YAML input-via CLI, file processing, or library usage-can cause denial of service with a malicious 342-byte payload that fails to complete within 5 seconds and exhibits unbounded resource growth, as demonstrated by the provided proof-of-concept.

Denial Of Service Apple macOS Suse
NVD GitHub VulDB
CVSS 3.1
6.2
EPSS
1.0%
CVE-2026-31993 npm MEDIUM PATCH This Month

OpenClaw versions before 2026.2.22 contain an allowlist parsing flaw in the macOS companion app that enables authenticated operators with elevated privileges to bypass command execution controls and run arbitrary commands on paired hosts. The vulnerability affects systems with operator.write access and macOS beta nodes, allowing attackers to craft malicious shell-chain payloads that circumvent validation checks. A security patch is available.

Apple Authentication Bypass Openclaw macOS
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-33067 Go CRITICAL PATCH Act Now

SiYuan's Bazaar marketplace fails to sanitize package metadata (displayName, description) before rendering in the Electron desktop application, allowing stored XSS that escalates to arbitrary remote code execution. Any SiYuan user (versions ≤3.5.9) who browses the Bazaar will automatically execute attacker-controlled code with full OS-level privileges when a malicious package card renders-no installation or user interaction required. A functional proof-of-concept exists demonstrating command execution via img onerror handlers, and this vulnerability is actively tracked in GitHub's advisory database (GHSA-mvpm-v6q4-m2pf), making it a critical supply-chain risk to the SiYuan user community.

Command Injection Apple Microsoft XSS RCE +4
NVD GitHub VulDB
CVSS 3.1
9.0
EPSS
0.4%
CVE-2026-33066 Go CRITICAL PATCH Act Now

SiYuan's Bazaar (community package marketplace) fails to sanitize HTML in package README files during rendering, allowing stored XSS that escalates to remote code execution due to unsafe Electron configuration. An attacker can submit a malicious package with embedded JavaScript in the README that executes with full Node.js access when any user views the package details in the Bazaar. This affects SiYuan versions 3.5.9 and earlier across Windows, macOS, and Linux, with a CVSS score of 9.6 and multiple real-world exploitation vectors including data theft, reverse shells, and persistent backdoors.

Apple Microsoft XSS RCE Information Disclosure +4
NVD GitHub VulDB
CVSS 3.1
9.0
EPSS
0.5%
CVE-2026-24063 HIGH This Week

Arturia Software Center on macOS installs plugin uninstall scripts with world-writable permissions (777) in root-owned directories, allowing local attackers to modify these scripts and achieve privilege escalation when the Privileged Helper executes them during plugin removal. This vulnerability affects any macOS user with the Arturia Software Center installed and requires local access and user interaction to exploit. No patch is currently available.

Privilege Escalation Apple
NVD VulDB
CVSS 3.1
8.2
EPSS
0.0%
CVE-2026-24062 HIGH This Week

The Arturia Software Center on macOS contains insufficient code signature validation in its Privileged Helper component, allowing unauthenticated clients to connect and execute privileged actions without proper authorization. This vulnerability affects all versions of Arturia Software Center and enables local privilege escalation attacks where an unprivileged user can escalate to root or system-level privileges. While no CVSS score or EPSS data is publicly available, the authentication bypass nature and privilege escalation impact classify this as a high-severity issue; no KEV listing or public proof-of-concept has been confirmed at this time.

Privilege Escalation Apple Authentication Bypass
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-22179 npm HIGH PATCH This Week

OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in the macOS node-host system.run function that permits remote attackers with high privileges to execute arbitrary commands by exploiting improper parsing of command substitution tokens. Attackers can craft malicious shell payloads using command substitution syntax within double-quoted strings to circumvent security allowlists and achieve code execution. A patch is available from the vendor, and the vulnerability has been documented by VulnCheck with public advisory and GitHub security advisory references.

Command Injection Apple macOS
NVD GitHub VulDB
CVSS 4.0
7.5
EPSS
0.1%
CVE-2026-20643 MEDIUM PATCH NEWS This Month

A denial of service vulnerability in A cross-origin (CVSS 5.4). Remediation should follow standard vulnerability management procedures.

Authentication Bypass Apple macOS iOS Red Hat +1
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-32751 Go CRITICAL PATCH Act Now

SiYuan's mobile file tree fails to sanitize notebook names in WebSocket rename events, allowing authenticated users to inject arbitrary HTML and JavaScript that executes in other clients' browsers. When combined with Electron's insecure configuration (nodeIntegration enabled, contextIsolation disabled), this stored XSS escalates to remote code execution with full Node.js privileges on affected desktop and mobile clients. The vulnerability affects users with notebook rename permissions across Docker, Node.js, Python, and Apple platforms.

Docker RCE XSS Node.js Command Injection +4
NVD GitHub VulDB
CVSS 3.1
9.0
EPSS
0.4%
CVE-2023-43010 HIGH PATCH This Week

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2, Safari 17.2, iOS 16.7.15 and iPadOS 16.7.15, iOS 15.8.7 and iPadOS 15.8.7. [CVSS 8.8 HIGH]

Buffer Overflow Apple Memory Corruption Ipados Iphone Os
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-3930 MEDIUM PATCH This Month

Unsafe navigation in Navigation in Google Chrome on iOS versions up to 146.0.7680.71 contains a security vulnerability.

Google Authentication Bypass Apple Chrome iOS +2
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-31852 CRITICAL Act Now

Arbitrary code execution in Jellyfin iOS GitHub Actions workflow. CVSS 10.0.

Privilege Escalation RCE Apple iOS
NVD GitHub VulDB
CVSS 3.1
10.0
EPSS
0.1%
CVE-2026-31813 MEDIUM This Month

Supabase Auth allows remote attackers to hijack user sessions by crafting fraudulent ID tokens when Apple or Azure OAuth providers are configured, enabling unauthorized access to victim accounts without requiring user interaction. An attacker can forge a valid JWT token for any target email address and exchange it at the token endpoint to obtain legitimate session credentials, effectively impersonating arbitrary users. This affects organizations using Supabase with Apple or Azure authentication enabled, with no patch currently available to remediate the vulnerability.

Microsoft Authentication Bypass Apple
NVD GitHub VulDB
CVSS 3.1
4.8
EPSS
0.0%
CVE-2026-20074 HIGH This Week

Cisco IOS XR Software's IS-IS routing implementation fails to properly validate incoming protocol packets, enabling an adjacent network attacker to trigger repeated process crashes and temporary routing outages. An attacker with Layer 2 adjacency can send malformed IS-IS packets to force denial of service conditions affecting network connectivity. No patch is currently available for this high-severity vulnerability.

Cisco Denial Of Service Apple Ios Xr
NVD VulDB
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-20046 HIGH This Week

Cisco IOS XR Software contains a task group mapping flaw in a specific CLI command that allows authenticated local attackers to bypass privilege checks and gain full administrative access to affected devices. An attacker with low-privileged credentials can exploit this misconfiguration to execute unauthorized administrative actions without proper authorization validation. No patch is currently available.

Cisco Apple Privilege Escalation Ios Xr
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-20040 HIGH This Week

Insufficient CLI argument validation in Cisco IOS XR Software enables authenticated local attackers to achieve root-level code execution through crafted commands. An attacker with low-privileged account access can exploit this vulnerability to bypass privilege restrictions and execute arbitrary commands on the affected device's underlying operating system. No patch is currently available for this high-severity vulnerability.

Cisco Apple Command Injection Ios Xr
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-2919 MEDIUM This Month

Domain spoofing in Focus for iOS versions prior to 148.2 allows remote attackers to display malicious content under trusted domain names through navigation stalling and iframe redirection techniques, without requiring user interaction beyond the initial page load. An attacker can leverage this to conduct phishing attacks or distribute misleading content by presenting spoofed trusted domains in the browser UI. No patch is currently available for this vulnerability.

Information Disclosure Apple
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-28727 HIGH This Week

Acronis Cyber Protect and Cloud Agent on macOS before specific builds contain an insecure Unix socket permissions vulnerability that allows local authenticated users to escalate privileges and gain complete system control. An attacker with local access can exploit this misconfiguration to read sensitive data, modify system files, and execute arbitrary commands with elevated rights. No patch is currently available for this HIGH severity vulnerability.

Privilege Escalation Apple
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2026-30798 HIGH POC This Week

Remote denial-of-service in RustDesk Client through 1.4.5 allows network-positioned attackers to disrupt the remote-access agent by manipulating heartbeat synchronization traffic, abusing weak authenticity checks in the hbbs_http/sync.rs heartbeat loop to trigger the stop-service handler. Publicly available exploit code exists, but EPSS is very low (0.02%, 5th percentile) and there is no public exploit identified at time of analysis being tracked as actively exploited (not in CISA KEV).

Rustdesk Microsoft Google Apple Information Disclosure
NVD VulDB
CVSS 4.0
8.2
EPSS
0.0%
CVE-2026-30797 CRITICAL Act Now

Security vulnerability in RustDesk remote desktop client/server. One of 6+ critical CVEs affecting the open-source remote access platform.

Google Apple Information Disclosure Microsoft Android +2
NVD VulDB
CVSS 4.0
9.3
EPSS
0.1%
CVE-2026-30796 MEDIUM This Month

RustDesk Server Pro through version 1.7.5 transmits sensitive address book credentials in cleartext over the network heartbeat synchronization API, enabling attackers to intercept and obtain authentication credentials without authentication. The vulnerability affects Windows, macOS, and Linux deployments where the address book sync functionality is enabled. No patch is currently available.

Apple Microsoft Information Disclosure Rustdesk Rustdesk Server
NVD VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-30795 HIGH This Week

RustDesk Client through version 1.4.5 transmits sensitive preset address book credentials in cleartext during heartbeat synchronization, enabling network eavesdropping attacks across Windows, macOS, Linux, iOS, and Android platforms. An attacker positioned to intercept network traffic can capture authentication credentials by sniffing the unencrypted JSON payload. No patch is currently available for this high-severity vulnerability (CVSS 8.7).

Apple Information Disclosure Microsoft Google Android +2
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.0%
CVE-2026-30794 CRITICAL Act Now

Security vulnerability in RustDesk remote desktop client/server. One of 6+ critical CVEs affecting the open-source remote access platform.

Apple Information Disclosure Microsoft Google Rustdesk
NVD GitHub VulDB
CVSS 4.0
9.1
EPSS
0.0%
CVE-2026-30793 CRITICAL Act Now

Security vulnerability in RustDesk remote desktop client/server. One of 6+ critical CVEs affecting the open-source remote access platform.

CSRF Privilege Escalation Authentication Bypass Google Apple +4
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.0%
CVE-2026-30792 HIGH This Week

Configuration tampering in RustDesk Client through 1.4.5 allows a network-positioned attacker to manipulate Application API messages exchanged between the client and its rendezvous/sync server, altering client strategy and configuration options. The flaw spans every supported platform (Windows, macOS, Linux, iOS, Android, WebClient) and stems from insecure handling in the Strategy merge loop and Config::set_options(), giving an MitM attacker the ability to silently rewrite client behavior. No public exploit identified at time of analysis, and EPSS exploitation probability is very low at 0.05% (16th percentile).

Apple Information Disclosure Microsoft Google Rustdesk
NVD VulDB
CVSS 4.0
8.3
EPSS
0.1%
CVE-2026-30790 HIGH This Week

Password brute-forcing weakness in RustDesk Server Pro through 1.7.5 and RustDesk Server (OSS) through 1.1.15 allows remote attackers to attack the peer authentication and API login modules without triggering rate limiting, while the SHA256(SHA256(pwd+salt)+challenge) construction provides insufficient computational cost to resist offline guessing. The flaw combines CWE-307 (missing throttling of authentication attempts) with weak password hashing on Windows, macOS, and Linux deployments, and no public exploit has been identified at time of analysis.

Information Disclosure Microsoft Apple Rustdesk Server
NVD GitHub VulDB
CVSS 4.0
8.2
EPSS
0.0%
CVE-2026-30789 MEDIUM This Month

Authentication bypass in RustDesk Client through 1.4.5 across Windows, macOS, Linux, iOS, and Android allows remote attackers to replay captured session IDs and login proofs to impersonate legitimate peers without knowing the original credentials. The flaw stems from insufficient computational effort in the hash_password() routine combined with reusable session identifiers in the login proof construction, enabling capture-replay attacks against the peer authentication module. No public exploit identified at time of analysis, and EPSS exploitation probability is very low at 0.04% (12th percentile).

Authentication Bypass Google Microsoft Apple Rustdesk
NVD VulDB
CVSS 4.0
5.7
EPSS
0.0%
CVE-2026-30785 HIGH This Week

RustDesk Client through version 1.4.5 on Windows, macOS, and Linux uses weak password hashing and improper object prototype handling in its password security and configuration encryption modules, allowing local authenticated attackers to extract embedded sensitive data including passwords and machine identifiers. The vulnerability affects critical cryptographic functions including symmetric_crypt() and decrypt_str_or_original(), enabling attackers with local access and valid credentials to compromise encrypted credentials and system identifiers. No patch is currently available.

Information Disclosure Microsoft Apple Windows macOS
NVD GitHub VulDB
CVSS 4.0
8.2
EPSS
0.0%
CVE-2026-30783 MEDIUM This Month

Privilege escalation in RustDesk Client through version 1.4.5 on Windows, macOS, Linux, iOS, and Android allows unauthenticated remote attackers to abuse API sync and configuration management functions. The vulnerability in the rendezvous mediator and HTTP sync modules enables attackers to gain elevated privileges without user interaction. No patch is currently available for affected users.

Information Disclosure Google Apple Microsoft Rustdesk
NVD VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2026-3598 HIGH This Week

RustDesk Server Pro through version 1.7.5 uses weak cryptographic algorithms in configuration string generation and web console export functions, enabling attackers to extract sensitive embedded data from exported configurations. This vulnerability affects Windows, macOS, and Linux deployments and requires no authentication or user interaction to exploit. No patch is currently available.

Information Disclosure Apple Microsoft Windows macOS
NVD VulDB
CVSS 4.0
8.7
EPSS
0.0%
CVE-2026-30791 HIGH This Week

RustDesk Client through version 1.4.5 uses a broken cryptographic algorithm that allows attackers to retrieve sensitive embedded data during config import, URI scheme handling, or CLI operations across Windows, macOS, Linux, iOS, Android, and web clients. An unauthenticated remote attacker can exploit this vulnerability without user interaction to extract sensitive configuration information. No patch is currently available for this high-severity vulnerability.

Microsoft Apple Google Information Disclosure Rustdesk +3
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-3102 LOW POC PATCH Monitor

Command injection in exiftool's PNG file parser on macOS allows remote attackers to execute arbitrary OS commands by manipulating the DateTimeOriginal argument in the SetMacOSTags function. Public exploit code exists for this vulnerability, and affected users should upgrade to version 13.50 or later to remediate the issue.

Command Injection Apple
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.2%
CVE-2026-2634 CRITICAL Act Now

Address bar spoofing in Firefox before 148 allows malicious scripts to desynchronize the displayed URL from actual web content before receiving a response, enabling phishing attacks.

Apple Mozilla Information Disclosure
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-26327 npm MEDIUM PATCH This Month

OpenClaw's mDNS/Bonjour discovery beacons transmit unauthenticated TXT records that iOS, macOS, and Android clients treat as authoritative for routing and TLS certificate pinning, allowing an attacker on a shared LAN to advertise a rogue service and redirect connections to attacker-controlled endpoints. An attacker can exploit this to bypass TLS pinning validation and potentially capture Gateway credentials through man-in-the-middle attacks. The vulnerability affects OpenClaw versions prior to 2026.2.14 and requires network proximity but no user interaction.

macOS Android iOS TLS AI / ML +2
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-2032 MEDIUM This Month

Firefox for iOS before version 147.2.1 fails to properly synchronize the address bar with page content when malicious scripts interfere with new tab loading, enabling attackers to conduct HTML spoofing attacks under trusted domains. An attacker can exploit this through a malicious webpage to deceive users into believing they are viewing legitimate content from a trusted site. This vulnerability requires user interaction to trigger but has no patch currently available.

Mozilla Information Disclosure Apple
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-20700 HIGH POC KEV THREAT Act Now

Apple's kernel across all platforms (iOS, macOS, watchOS, visionOS, tvOS) contains a memory corruption vulnerability (CVE-2026-20700, CVSS 7.8) that allows attackers with memory write capability to execute arbitrary code at the kernel level. KEV-listed with Apple confirming reports of sophisticated in-the-wild exploitation, this represents an active zero-day targeting the Apple ecosystem at its most fundamental security boundary.

Apple RCE Buffer Overflow macOS iOS
NVD VulDB
CVSS 3.1
7.8
EPSS
0.4%
Threat
4.6
CVE-2026-20682 MEDIUM This Month

Deleted notes on affected Apple iOS and iPadOS devices remain accessible due to improper state management, allowing unauthenticated remote attackers to discover sensitive deleted content without user interaction. This information disclosure vulnerability affects iOS 26.3, iPadOS 26.3, iOS 18.7.5, and iPadOS 18.7.5, with no patch currently available for earlier versions.

Apple Information Disclosure iOS
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-20681 LOW Monitor

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Tahoe 26.3. [CVSS 3.3 LOW]

Apple macOS
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2026-20680 MEDIUM This Month

Sandboxed applications on Apple platforms (macOS Tahoe, Sonoma, Sequoia, iOS, and iPadOS) can bypass app state observability restrictions to access sensitive user data. A local attacker with app execution privileges could exploit this information disclosure vulnerability to observe data from other applications. Patches are available in macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5, and iPadOS 18.7.5.

Apple Information Disclosure
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-20678 MEDIUM This Month

Unauthorized access to sensitive user data in iOS and iPadOS results from improper state management in authorization checks, allowing local applications to bypass access restrictions. This medium-severity vulnerability affects Apple iOS/iPadOS users running versions prior to 18.7.5 and 26.3, with no patch currently available. A malicious app with user permissions could extract confidential information without additional user interaction.

Apple Information Disclosure
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-20677 CRITICAL Act Now

Race condition in Apple macOS/iOS symlink handling allows privilege escalation. Fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, iOS 18.7.5.

Apple Race Condition Authentication Bypass
NVD
CVSS 3.1
9.0
EPSS
0.1%
CVE-2026-20676 MEDIUM PATCH This Month

Safari web extensions on Apple platforms can leak user tracking information due to inadequate state management controls, allowing websites to identify and monitor individual users across browsing sessions. This vulnerability affects iOS, iPadOS, macOS, and visionOS, and is resolved in version 26.3 of each platform. The low CVSS score reflects limited direct user impact, though it represents a privacy concern for Safari users.

Apple Denial Of Service Red Hat Suse
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-20675 MEDIUM This Month

Information disclosure in Apple's image processing across iOS, iPadOS, macOS, tvOS, and visionOS allows local attackers to extract sensitive user data by supplying a specially crafted image file. The vulnerability requires user interaction to trigger the malicious image processing and affects multiple OS versions prior to their patched releases. No patch is currently available for affected users.

Apple Command Injection
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-20674 MEDIUM This Month

iOS and iPadOS devices expose sensitive user information to attackers with physical access to locked devices due to improper data handling in the system. The vulnerability allows unauthorized viewing of confidential information without requiring authentication or user interaction. Apple patched this information disclosure flaw in iOS 26.3 and iPadOS 26.3.

Apple iOS Ipados Iphone Os
NVD
CVSS 3.1
4.6
EPSS
0.0%
CVE-2026-20673 MEDIUM This Month

Mail content filtering bypass in Apple macOS, iOS, and iPadOS allows remote content to load in message previews despite user-disabled remote content settings. An attacker can exploit this logic flaw to track user engagement or deliver malicious content that bypasses the intended privacy protection. Patches are available in macOS Sequoia 15.7.4, iOS 18.7.5, iPadOS 18.7.5, macOS Tahoe 26.3, and macOS Sonoma 14.8.4.

Apple Information Disclosure
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-20671 LOW Monitor

A logic issue was addressed with improved checks. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. [CVSS 3.1 LOW]

Apple Command Injection
NVD
CVSS 3.1
3.1
EPSS
0.0%
CVE-2026-20669 MEDIUM This Month

macOS path validation bypass allows local authenticated users to read sensitive user data through improper directory path parsing. The vulnerability requires local access and valid credentials, limiting the attack surface to users already on the affected system. No patch is currently available for this medium-severity issue affecting macOS Tahoe 26.3 and earlier versions.

Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-20667 HIGH This Week

Sandbox escape in Apple macOS, iOS, and watchOS allows local authenticated attackers to break out of application sandboxes and gain unauthorized access to system resources and other applications' data. The vulnerability stems from insufficient validation logic in sandbox enforcement mechanisms, enabling privilege escalation with high impact on confidentiality, integrity, and availability across affected devices. No patch is currently available.

Apple Information Disclosure
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-20666 MEDIUM This Month

Unauthorized access to sensitive user data in macOS can be achieved by local applications due to improper authorization state management affecting macOS Tahoe 26.2 and earlier. An attacker with local access and basic user privileges can exploit this flaw to read confidential information without user interaction. No patch is currently available for this vulnerability.

Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-20663 LOW Monitor

The issue was resolved by sanitizing logging. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. [CVSS 3.3 LOW]

Apple Information Disclosure
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2026-20662 MEDIUM This Month

macOS devices running Sequoia 15.7.3 and earlier or Tahoe 26.2 and earlier contain an authorization bypass that permits an attacker with physical access to a locked device to view sensitive user information through improper state management. This vulnerability affects all macOS users and carries a MEDIUM severity rating with no available patch at this time. The flaw requires direct device access and does not enable code execution or system modification.

Apple macOS
NVD
CVSS 3.1
4.6
EPSS
0.0%
CVE-2026-20661 MEDIUM This Month

iOS and iPadOS devices with physical access vulnerabilities allow attackers to bypass authorization controls and access sensitive user information on locked devices through improper state management. The flaw affects multiple iOS versions including 18.7.5 and earlier, requiring only physical access to the device with no user interaction or elevated privileges. Apple has issued patches in iOS 26.3 and iPadOS 26.3, though updates for earlier versions (iOS 18.7.5 and iPadOS 18.7.5) are also available.

Apple Authentication Bypass
NVD
CVSS 3.1
4.6
EPSS
0.0%
CVE-2026-20660 HIGH This Week

Arbitrary file write vulnerability in Apple's macOS, iOS, iPadOS, and Safari resulting from improper path handling logic allows remote attackers to write files without authentication or user interaction. Affected versions include macOS Tahoe 26.3 and earlier, macOS Sonoma 14.8.4 and earlier, iOS 18.7.5 and earlier, and Safari 26.3 and earlier. No patch is currently available for this high-severity vulnerability.

Apple Path Traversal
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-20658 HIGH This Week

Unprivileged local users on macOS can exploit a package validation bypass to escalate privileges to root through a vulnerable application. This high-severity issue affects macOS systems up to version 26.2 and requires local access with standard user privileges. A patch is not yet available, leaving affected systems exposed to privilege escalation attacks.

Apple macOS
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-20656 LOW Monitor

A logic issue was addressed with improved validation. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, Safari 26.3, macOS Tahoe 26.3. [CVSS 3.3 LOW]

Apple Authentication Bypass
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2026-20655 MEDIUM This Month

Sensitive information disclosure in Apple iOS and iPadOS results from improper state management in authorization checks, allowing an attacker with physical access to a locked device to view confidential user data. The vulnerability affects multiple iOS and iPadOS versions and currently lacks an available patch. Local privilege or device access is required, making this a risk primarily to users whose devices may be physically compromised.

Apple Authentication Bypass
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-20654 MEDIUM This Month

A local privilege escalation vulnerability in Apple's operating systems (macOS, iOS, visionOS, and iPadOS) allows authenticated users to trigger a buffer overflow condition resulting in denial of service through application crashes. The vulnerability stems from improper memory handling and affects multiple Apple platforms including watchOS and tvOS. Currently, no patch is available, though the vendor has indicated fixes will be included in upcoming OS updates.

Apple Buffer Overflow
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-20653 MEDIUM This Month

Improper path validation in Apple's macOS, iOS, and visionOS allows local attackers to bypass directory access restrictions and read sensitive user data through crafted file paths. An authenticated user with local access can exploit this parsing weakness without user interaction to access confidential information. No patch is currently available for this vulnerability.

Apple Path Traversal
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-20652 HIGH PATCH This Week

Remote denial-of-service attacks against Apple's macOS, iOS, iPadOS, Safari, and visionOS result from improper memory handling that allows unauthenticated attackers to crash affected systems over the network. The vulnerability affects multiple Apple platforms and requires no user interaction or elevated privileges to exploit. Patches are available for macOS Tahoe 26.3, iOS/iPadOS 18.7.5, visionOS 26.3, and Safari 26.3.

Apple Denial Of Service Ipados Iphone Os Visionos
NVD VulDB
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-20650 HIGH This Week

Denial-of-service attacks targeting Apple's Bluetooth stack (macOS, iOS, visionOS, watchOS) can be triggered by attackers with network access through specially crafted packets, causing service interruption without requiring user interaction. An attacker positioned on the same network segment can exploit insufficient input validation to crash Bluetooth functionality across affected devices. No patch is currently available for this vulnerability.

Apple Denial Of Service
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-20649 HIGH This Week

Insufficient data redaction in Apple's logging mechanisms across macOS, iOS, watchOS, and tvOS allows unauthenticated attackers to view sensitive user information without user interaction. This network-accessible vulnerability affects multiple Apple platforms and products with a CVSS score of 7.5. Patches are available in watchOS 26.3, iOS 26.3, iPadOS 26.3, tvOS 26.3, and macOS Tahoe 26.3.

Apple Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-20648 MEDIUM This Month

Malicious applications on macOS can intercept and read notifications synced from other iCloud-connected devices due to improper access controls on notification data. This local privilege escalation affects macOS versions prior to Tahoe 26.3 and requires user interaction to execute the malicious app. An attacker with local access could gain unauthorized visibility into private notifications and communications across a user's device ecosystem.

Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-20647 MEDIUM This Month

This issue was addressed with improved data protection. This issue is fixed in macOS Tahoe 26.3. [CVSS 5.5 MEDIUM]

Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-20646 LOW Monitor

A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26.3. [CVSS 3.3 LOW]

Apple macOS
NVD
CVSS 3.1
3.3
EPSS
0.0%
CVE-2026-20645 MEDIUM This Month

Information disclosure on locked iOS and iPadOS devices stems from improper UI state management, allowing an attacker with physical device access to view sensitive user data. The vulnerability affects multiple Apple mobile OS versions and currently lacks a public patch, though fixes are available in iOS 26.3, iPadOS 26.3, iOS 18.7.5, and iPadOS 18.7.5.

Apple XSS
NVD
CVSS 3.1
4.6
EPSS
0.0%
CVE-2026-20644 MEDIUM PATCH This Month

Memory handling flaws in Apple's macOS, iOS, iPadOS, and Safari allow remote attackers to crash affected processes by serving specially crafted web content, requiring only user interaction to trigger the denial of service. The vulnerability affects multiple Apple platforms and products across recent versions, with fixes available in macOS Tahoe 26.3, iOS 18.7.5, iPadOS 18.7.5, and Safari 26.3. No patches are currently available for all affected versions.

Apple Buffer Overflow Ipados Iphone Os Visionos
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-20642 LOW Monitor

An input validation issue was addressed. This issue is fixed in iOS 26.3 and iPadOS 26.3. [CVSS 2.4 LOW]

Apple iOS
NVD
CVSS 3.1
2.4
EPSS
0.0%
CVE-2026-20641 HIGH This Week

Installed application enumeration in Apple operating systems (macOS, iOS, iPadOS, tvOS, visionOS, watchOS) allows local applications to discover what other apps a user has installed through insufficient privacy controls. An attacker can exploit this through a malicious app to profile a user's installed software without explicit permission. This vulnerability affects multiple Apple platforms and requires user interaction to execute a malicious application.

Apple Information Disclosure
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-20640 MEDIUM This Month

iPhone Mirroring in iOS and iPadOS allows an attacker with physical device access to bypass UI protections and capture screenshots containing sensitive information that should remain hidden during the mirroring session. The vulnerability stems from insufficient state management in the user interface, enabling unauthorized viewing of private data on the iPhone while it is being mirrored to a Mac. No patch is currently available for this medium-severity issue.

Apple iOS Iphone Os Ipados
NVD
CVSS 3.1
4.6
EPSS
0.0%
CVE-2026-20638 MEDIUM This Month

A logic issue was addressed with improved checks. This issue is fixed in iOS 26.3 and iPadOS 26.3. [CVSS 5.5 MEDIUM]

Apple iOS Iphone Os Ipados
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-20636 MEDIUM PATCH This Month

Denial of service in Apple Safari, iOS, iPadOS, and macOS results from improper memory handling when processing maliciously crafted web content, causing unexpected process crashes. An unauthenticated remote attacker can trigger this vulnerability through a specially crafted webpage, affecting users who view the malicious content. No patch is currently available for this vulnerability.

Apple Buffer Overflow Ipados Iphone Os Visionos
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-20635 MEDIUM PATCH This Month

Denial of service affecting Apple's macOS, iOS, iPadOS, watchOS, tvOS, and visionOS results from a memory handling flaw that crashes processes when parsing malicious web content. An unauthenticated remote attacker can trigger unexpected application termination through crafted web pages, requiring only user interaction to visit a malicious site. A patch is not currently available for this medium-severity vulnerability.

Apple Buffer Overflow Ipados Iphone Os Tvos +2
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-20634 MEDIUM This Month

Memory disclosure in Apple's image processing across macOS, iOS, iPadOS, tvOS, and visionOS allows local attackers with user interaction to leak sensitive process memory by submitting a specially crafted image file. The vulnerability requires no elevated privileges and affects multiple Apple operating system versions, with fixes available in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, and corresponding iOS/iPadOS updates. An attacker could exploit this to extract confidential data from running processes on the targeted device.

Apple Information Disclosure
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-20630 MEDIUM This Month

macOS systems running versions prior to Tahoe 26.3 contain an improper permissions restriction that allows local applications to read sensitive user data without authorization. A threat actor with local access could exploit this vulnerability to exfiltrate protected information. A patch is currently unavailable for affected systems.

Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-20629 MEDIUM This Month

Improper temporary file handling in macOS allows local applications to read sensitive user data without user interaction. An attacker with local access and app execution privileges can bypass privacy controls to access confidential information. This vulnerability affects macOS Tahoe 26.3 and earlier, with no patch currently available.

Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-20628 HIGH This Week

Sandbox escape vulnerability in Apple's macOS, iOS, tvOS, and related platforms (CVE-2026-20628) permits malicious applications to break out of their sandbox restrictions through a permissions bypass. A local attacker with user interaction can achieve high-impact confidentiality and integrity violations by exploiting this weakness. Patches are available across multiple OS versions including macOS Tahoe 26.3, iOS 18.7.5, tvOS 26.3, and others.

Apple Authentication Bypass
NVD
CVSS 3.1
7.1
EPSS
0.0%
EPSS 0% CVSS 4.0
MEDIUM PATCH This Month

A logic issue in macOS Tahoe allows a malicious application to escape its sandbox and execute code outside of the restricted security boundary. This vulnerability affects macOS versions prior to 26.4 and represents a critical sandbox bypass that could enable arbitrary code execution with elevated privileges. While no CVSS score or active exploitation data is currently available, the sandbox escape capability makes this a high-priority patch for all affected macOS users.

Apple Information Disclosure
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

A cross-site scripting (XSS) vulnerability exists in Apple's Safari browser and iOS/iPadOS operating systems due to insufficient input validation in website content handling. An attacker can craft a malicious website that, when visited by a user, executes arbitrary JavaScript in the context of the victim's browser, potentially stealing credentials, session tokens, or performing actions on behalf of the user. Apple has released patches across Safari 26.4, iOS 18.7.7, iPadOS 18.7.7, iOS 26.4, iPadOS 26.4, and macOS Tahoe 26.4 to address this logic flaw, though no CVSS score, EPSS data, or KEV status has been publicly disclosed, suggesting this may be a proactive disclosure rather than an actively exploited vulnerability.

Apple XSS Red Hat +1
NVD VulDB
EPSS 0% CVSS 3.3
LOW PATCH Monitor

A permissions validation flaw in macOS Tahoe allows applications to circumvent Gatekeeper security checks, potentially enabling execution of untrusted or malicious code that would normally be blocked by Apple's code signing and notarization mechanisms. This vulnerability affects macOS Tahoe versions prior to 26.4 and is fixed in the 26.4 release. An attacker with the ability to distribute a specially crafted application could bypass endpoint security controls designed to protect users from unsigned or malicious software.

Apple Authentication Bypass
NVD VulDB
EPSS 0% CVSS 6.2
MEDIUM PATCH This Month

A privacy vulnerability in macOS allows applications to access sensitive user data through improper handling of temporary files. The issue affects macOS Sequoia (versions prior to 15.7.5), macOS Sonoma (versions prior to 14.8.4), and macOS Tahoe (versions prior to 26.3). An unprivileged application could exploit weak temporary file protections to read or manipulate sensitive data, though no active exploitation in the wild or public proof-of-concept has been confirmed at this time.

Apple Information Disclosure macOS
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

A SQL injection vulnerability (CVSS 5.3). Remediation should follow standard vulnerability management procedures. Vendor patch is available.

SQLi Denial Of Service Information Disclosure +3
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM This Month

The App Builder - Create Native Android & iOS Apps On The Flight WordPress plugin up to version 5.5.10 contains a privilege escalation vulnerability in its REST API registration endpoint that allows unauthenticated attackers to register accounts with the wcfm_vendor role, bypassing WCFM Marketplace's vendor approval workflow. The verify_role() function in AuthTrails.php explicitly whitelists the wcfm_vendor role without proper authorization checks, enabling attackers to immediately gain vendor-level privileges including product management, order access, and store management on affected WordPress installations. This vulnerability has a CVSS score of 6.5 with low attack complexity and no authentication requirements, making it a moderate-to-significant risk for WordPress sites using both this plugin and WCFM Marketplace.

Apple Google WordPress +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Halloy, an IRC application written in Rust, fails to properly restrict file permissions on its configuration directory and files on *nix and macOS systems prior to commit f180e41061db393acf65bc99f5c5e7397586d9cb, resulting in world-readable access to plaintext credentials. Any local user on an affected system can read sensitive authentication data stored in config.toml or referenced password files, leading to credential compromise. While no CVSS score or EPSS data is currently available, the vulnerability represents a direct information disclosure risk with low exploitation complexity.

Information Disclosure Apple macOS +1
NVD GitHub VulDB
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

MinIO AIStor's Security Token Service (STS) AssumeRoleWithLDAPIdentity endpoint contains two combined vulnerabilities that enable LDAP credential brute-forcing: distinguishable error messages allowing username enumeration (CWE-204) and missing rate limiting (CWE-307). All MinIO deployments through the final open-source release with LDAP authentication enabled are affected. Unauthenticated network attackers can enumerate valid LDAP usernames, perform unlimited password guessing attacks, and obtain temporary AWS-style STS credentials granting full access to victim users' S3 buckets and objects.

Microsoft Docker Information Disclosure +3
NVD GitHub VulDB
EPSS 0% CVSS 7.6
HIGH PATCH This Week

A man-in-the-middle vulnerability in Cryptomator for iOS versions prior to 2.8.3 allows attackers who can modify the vault.cryptomator configuration file to intercept authentication tokens by substituting malicious API endpoints while maintaining legitimate authentication endpoints. This affects users unlocking Hub-backed vaults in environments where attackers have write access to vault configuration files. No evidence of active exploitation (not in CISA KEV) has been reported, and patches are available.

Information Disclosure Hashicorp Apple +1
NVD GitHub VulDB
EPSS 0% CVSS 6.1
MEDIUM This Month

A Reflected Cross-Site Scripting (XSS) vulnerability exists in the error_description parameter of Gainsight Assist, allowing unauthenticated attackers to inject malicious JavaScript payloads that execute in victims' browsers. The vulnerability is particularly dangerous because attackers can bypass the application's Web Application Firewall (WAF) using Safari-specific event handlers such as onpagereveal, which are not typically filtered by standard XSS protections. While the CVSS score of 6.1 indicates moderate severity with limited direct impact (integrity and availability degradation rather than confidentiality breach), the attack requires minimal technical complexity and no special privileges, making it exploitable by any attacker who can craft a malicious URL and socially engineer a victim into clicking it.

XSS Apple
NVD VulDB
EPSS 0% CVSS 7.3
HIGH PATCH This Week

OpenClaw prior to version 2026.2.22 on macOS allows local attackers with user-level privileges to execute unauthorized binaries by bypassing path validation in the exec-approval allowlist mode through basename-only entries. An attacker can execute same-named local binaries without approval when the security allowlist policy is enabled, circumventing intended path-based restrictions. A patch is not currently available.

Apple Authentication Bypass macOS
NVD GitHub VulDB
EPSS 3% CVSS 8.1
HIGH PATCH This Week

Path traversal in Apple and Kubernetes DAG management APIs allows authenticated attackers to access arbitrary files outside the intended directory by injecting URL-encoded forward slashes into file name parameters on GET, DELETE, RENAME, and EXECUTE endpoints. The vulnerability affects systems where a previous patch (CVE-2026-27598) only secured the CREATE endpoint while leaving other API functions unprotected. An attacker with valid credentials can read, modify, or execute unintended DAG files on the affected system.

Path Traversal Apple Kubernetes +2
NVD GitHub VulDB
EPSS 0% CVSS 9.2
CRITICAL PATCH Act Now

JWT algorithm confusion in MinIO's OpenID Connect authentication enables attackers with knowledge of the OIDC ClientSecret to forge identity tokens and obtain S3 credentials with unrestricted IAM policies, including administrative access. Affected users can have their identities impersonated and their data accessed, modified, or deleted with 100% attack success rate. The vulnerability impacts MinIO deployments across Docker, Apple, and Microsoft platforms, with no patch currently available.

Information Disclosure Docker Apple +2
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH This Week

Unauthenticated attackers can stream any private or paid video in PHP, Oracle, and Apple applications through a path traversal vulnerability in the HLS streaming endpoint. The flaw exploits a split-oracle condition where authorization validation and file access use different parsing logic on the videoDirectory parameter, allowing attackers to bypass authentication checks while accessing unauthorized content. No patch is currently available for this high-severity vulnerability.

PHP Path Traversal Oracle +1
NVD GitHub
EPSS 1% CVSS 6.2
MEDIUM PATCH This Month

The dasel YAML reader contains an unbounded alias expansion vulnerability (CWE-674) that allows attackers to trigger extreme CPU and memory consumption through specially crafted YAML documents. Affected versions include dasel v3.0.0 through v3.3.1 and the current default branch. An attacker who can supply YAML input-via CLI, file processing, or library usage-can cause denial of service with a malicious 342-byte payload that fails to complete within 5 seconds and exhibits unbounded resource growth, as demonstrated by the provided proof-of-concept.

Denial Of Service Apple macOS +1
NVD GitHub VulDB
EPSS 0% CVSS 4.8
MEDIUM PATCH This Month

OpenClaw versions before 2026.2.22 contain an allowlist parsing flaw in the macOS companion app that enables authenticated operators with elevated privileges to bypass command execution controls and run arbitrary commands on paired hosts. The vulnerability affects systems with operator.write access and macOS beta nodes, allowing attackers to craft malicious shell-chain payloads that circumvent validation checks. A security patch is available.

Apple Authentication Bypass Openclaw +1
NVD GitHub VulDB
EPSS 0% CVSS 9.0
CRITICAL PATCH Act Now

SiYuan's Bazaar marketplace fails to sanitize package metadata (displayName, description) before rendering in the Electron desktop application, allowing stored XSS that escalates to arbitrary remote code execution. Any SiYuan user (versions ≤3.5.9) who browses the Bazaar will automatically execute attacker-controlled code with full OS-level privileges when a malicious package card renders-no installation or user interaction required. A functional proof-of-concept exists demonstrating command execution via img onerror handlers, and this vulnerability is actively tracked in GitHub's advisory database (GHSA-mvpm-v6q4-m2pf), making it a critical supply-chain risk to the SiYuan user community.

Command Injection Apple Microsoft +6
NVD GitHub VulDB
EPSS 0% CVSS 9.0
CRITICAL PATCH Act Now

SiYuan's Bazaar (community package marketplace) fails to sanitize HTML in package README files during rendering, allowing stored XSS that escalates to remote code execution due to unsafe Electron configuration. An attacker can submit a malicious package with embedded JavaScript in the README that executes with full Node.js access when any user views the package details in the Bazaar. This affects SiYuan versions 3.5.9 and earlier across Windows, macOS, and Linux, with a CVSS score of 9.6 and multiple real-world exploitation vectors including data theft, reverse shells, and persistent backdoors.

Apple Microsoft XSS +6
NVD GitHub VulDB
EPSS 0% CVSS 8.2
HIGH This Week

Arturia Software Center on macOS installs plugin uninstall scripts with world-writable permissions (777) in root-owned directories, allowing local attackers to modify these scripts and achieve privilege escalation when the Privileged Helper executes them during plugin removal. This vulnerability affects any macOS user with the Arturia Software Center installed and requires local access and user interaction to exploit. No patch is currently available.

Privilege Escalation Apple
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

The Arturia Software Center on macOS contains insufficient code signature validation in its Privileged Helper component, allowing unauthenticated clients to connect and execute privileged actions without proper authorization. This vulnerability affects all versions of Arturia Software Center and enables local privilege escalation attacks where an unprivileged user can escalate to root or system-level privileges. While no CVSS score or EPSS data is publicly available, the authentication bypass nature and privilege escalation impact classify this as a high-severity issue; no KEV listing or public proof-of-concept has been confirmed at this time.

Privilege Escalation Apple Authentication Bypass
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

OpenClaw versions prior to 2026.2.22 contain an allowlist bypass vulnerability in the macOS node-host system.run function that permits remote attackers with high privileges to execute arbitrary commands by exploiting improper parsing of command substitution tokens. Attackers can craft malicious shell payloads using command substitution syntax within double-quoted strings to circumvent security allowlists and achieve code execution. A patch is available from the vendor, and the vulnerability has been documented by VulnCheck with public advisory and GitHub security advisory references.

Command Injection Apple macOS
NVD GitHub VulDB
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

A denial of service vulnerability in A cross-origin (CVSS 5.4). Remediation should follow standard vulnerability management procedures.

Authentication Bypass Apple macOS +3
NVD VulDB
EPSS 0% CVSS 9.0
CRITICAL PATCH Act Now

SiYuan's mobile file tree fails to sanitize notebook names in WebSocket rename events, allowing authenticated users to inject arbitrary HTML and JavaScript that executes in other clients' browsers. When combined with Electron's insecure configuration (nodeIntegration enabled, contextIsolation disabled), this stored XSS escalates to remote code execution with full Node.js privileges on affected desktop and mobile clients. The vulnerability affects users with notebook rename permissions across Docker, Node.js, Python, and Apple platforms.

Docker RCE XSS +6
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2, Safari 17.2, iOS 16.7.15 and iPadOS 16.7.15, iOS 15.8.7 and iPadOS 15.8.7. [CVSS 8.8 HIGH]

Buffer Overflow Apple Memory Corruption +2
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Unsafe navigation in Navigation in Google Chrome on iOS versions up to 146.0.7680.71 contains a security vulnerability.

Google Authentication Bypass Apple +4
NVD VulDB
EPSS 0% CVSS 10.0
CRITICAL Act Now

Arbitrary code execution in Jellyfin iOS GitHub Actions workflow. CVSS 10.0.

Privilege Escalation RCE Apple +1
NVD GitHub VulDB
EPSS 0% CVSS 4.8
MEDIUM This Month

Supabase Auth allows remote attackers to hijack user sessions by crafting fraudulent ID tokens when Apple or Azure OAuth providers are configured, enabling unauthorized access to victim accounts without requiring user interaction. An attacker can forge a valid JWT token for any target email address and exchange it at the token endpoint to obtain legitimate session credentials, effectively impersonating arbitrary users. This affects organizations using Supabase with Apple or Azure authentication enabled, with no patch currently available to remediate the vulnerability.

Microsoft Authentication Bypass Apple
NVD GitHub VulDB
EPSS 0% CVSS 7.4
HIGH This Week

Cisco IOS XR Software's IS-IS routing implementation fails to properly validate incoming protocol packets, enabling an adjacent network attacker to trigger repeated process crashes and temporary routing outages. An attacker with Layer 2 adjacency can send malformed IS-IS packets to force denial of service conditions affecting network connectivity. No patch is currently available for this high-severity vulnerability.

Cisco Denial Of Service Apple +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH This Week

Cisco IOS XR Software contains a task group mapping flaw in a specific CLI command that allows authenticated local attackers to bypass privilege checks and gain full administrative access to affected devices. An attacker with low-privileged credentials can exploit this misconfiguration to execute unauthorized administrative actions without proper authorization validation. No patch is currently available.

Cisco Apple Privilege Escalation +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH This Week

Insufficient CLI argument validation in Cisco IOS XR Software enables authenticated local attackers to achieve root-level code execution through crafted commands. An attacker with low-privileged account access can exploit this vulnerability to bypass privilege restrictions and execute arbitrary commands on the affected device's underlying operating system. No patch is currently available for this high-severity vulnerability.

Cisco Apple Command Injection +1
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM This Month

Domain spoofing in Focus for iOS versions prior to 148.2 allows remote attackers to display malicious content under trusted domain names through navigation stalling and iframe redirection techniques, without requiring user interaction beyond the initial page load. An attacker can leverage this to conduct phishing attacks or distribute misleading content by presenting spoofed trusted domains in the browser UI. No patch is currently available for this vulnerability.

Information Disclosure Apple
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Acronis Cyber Protect and Cloud Agent on macOS before specific builds contain an insecure Unix socket permissions vulnerability that allows local authenticated users to escalate privileges and gain complete system control. An attacker with local access can exploit this misconfiguration to read sensitive data, modify system files, and execute arbitrary commands with elevated rights. No patch is currently available for this HIGH severity vulnerability.

Privilege Escalation Apple
NVD
EPSS 0% CVSS 8.2
HIGH POC This Week

Remote denial-of-service in RustDesk Client through 1.4.5 allows network-positioned attackers to disrupt the remote-access agent by manipulating heartbeat synchronization traffic, abusing weak authenticity checks in the hbbs_http/sync.rs heartbeat loop to trigger the stop-service handler. Publicly available exploit code exists, but EPSS is very low (0.02%, 5th percentile) and there is no public exploit identified at time of analysis being tracked as actively exploited (not in CISA KEV).

Rustdesk Microsoft Google +2
NVD VulDB
EPSS 0% CVSS 9.3
CRITICAL Act Now

Security vulnerability in RustDesk remote desktop client/server. One of 6+ critical CVEs affecting the open-source remote access platform.

Google Apple Information Disclosure +4
NVD VulDB
EPSS 0% CVSS 6.9
MEDIUM This Month

RustDesk Server Pro through version 1.7.5 transmits sensitive address book credentials in cleartext over the network heartbeat synchronization API, enabling attackers to intercept and obtain authentication credentials without authentication. The vulnerability affects Windows, macOS, and Linux deployments where the address book sync functionality is enabled. No patch is currently available.

Apple Microsoft Information Disclosure +2
NVD VulDB
EPSS 0% CVSS 8.7
HIGH This Week

RustDesk Client through version 1.4.5 transmits sensitive preset address book credentials in cleartext during heartbeat synchronization, enabling network eavesdropping attacks across Windows, macOS, Linux, iOS, and Android platforms. An attacker positioned to intercept network traffic can capture authentication credentials by sniffing the unencrypted JSON payload. No patch is currently available for this high-severity vulnerability (CVSS 8.7).

Apple Information Disclosure Microsoft +4
NVD GitHub VulDB
EPSS 0% CVSS 9.1
CRITICAL Act Now

Security vulnerability in RustDesk remote desktop client/server. One of 6+ critical CVEs affecting the open-source remote access platform.

Apple Information Disclosure Microsoft +2
NVD GitHub VulDB
EPSS 0% CVSS 9.3
CRITICAL Act Now

Security vulnerability in RustDesk remote desktop client/server. One of 6+ critical CVEs affecting the open-source remote access platform.

CSRF Privilege Escalation Authentication Bypass +6
NVD GitHub VulDB
EPSS 0% CVSS 8.3
HIGH This Week

Configuration tampering in RustDesk Client through 1.4.5 allows a network-positioned attacker to manipulate Application API messages exchanged between the client and its rendezvous/sync server, altering client strategy and configuration options. The flaw spans every supported platform (Windows, macOS, Linux, iOS, Android, WebClient) and stems from insecure handling in the Strategy merge loop and Config::set_options(), giving an MitM attacker the ability to silently rewrite client behavior. No public exploit identified at time of analysis, and EPSS exploitation probability is very low at 0.05% (16th percentile).

Apple Information Disclosure Microsoft +2
NVD VulDB
EPSS 0% CVSS 8.2
HIGH This Week

Password brute-forcing weakness in RustDesk Server Pro through 1.7.5 and RustDesk Server (OSS) through 1.1.15 allows remote attackers to attack the peer authentication and API login modules without triggering rate limiting, while the SHA256(SHA256(pwd+salt)+challenge) construction provides insufficient computational cost to resist offline guessing. The flaw combines CWE-307 (missing throttling of authentication attempts) with weak password hashing on Windows, macOS, and Linux deployments, and no public exploit has been identified at time of analysis.

Information Disclosure Microsoft Apple +1
NVD GitHub VulDB
EPSS 0% CVSS 5.7
MEDIUM This Month

Authentication bypass in RustDesk Client through 1.4.5 across Windows, macOS, Linux, iOS, and Android allows remote attackers to replay captured session IDs and login proofs to impersonate legitimate peers without knowing the original credentials. The flaw stems from insufficient computational effort in the hash_password() routine combined with reusable session identifiers in the login proof construction, enabling capture-replay attacks against the peer authentication module. No public exploit identified at time of analysis, and EPSS exploitation probability is very low at 0.04% (12th percentile).

Authentication Bypass Google Microsoft +2
NVD VulDB
EPSS 0% CVSS 8.2
HIGH This Week

RustDesk Client through version 1.4.5 on Windows, macOS, and Linux uses weak password hashing and improper object prototype handling in its password security and configuration encryption modules, allowing local authenticated attackers to extract embedded sensitive data including passwords and machine identifiers. The vulnerability affects critical cryptographic functions including symmetric_crypt() and decrypt_str_or_original(), enabling attackers with local access and valid credentials to compromise encrypted credentials and system identifiers. No patch is currently available.

Information Disclosure Microsoft Apple +2
NVD GitHub VulDB
EPSS 0% CVSS 4.8
MEDIUM This Month

Privilege escalation in RustDesk Client through version 1.4.5 on Windows, macOS, Linux, iOS, and Android allows unauthenticated remote attackers to abuse API sync and configuration management functions. The vulnerability in the rendezvous mediator and HTTP sync modules enables attackers to gain elevated privileges without user interaction. No patch is currently available for affected users.

Information Disclosure Google Apple +2
NVD VulDB
EPSS 0% CVSS 8.7
HIGH This Week

RustDesk Server Pro through version 1.7.5 uses weak cryptographic algorithms in configuration string generation and web console export functions, enabling attackers to extract sensitive embedded data from exported configurations. This vulnerability affects Windows, macOS, and Linux deployments and requires no authentication or user interaction to exploit. No patch is currently available.

Information Disclosure Apple Microsoft +2
NVD VulDB
EPSS 0% CVSS 7.5
HIGH This Week

RustDesk Client through version 1.4.5 uses a broken cryptographic algorithm that allows attackers to retrieve sensitive embedded data during config import, URI scheme handling, or CLI operations across Windows, macOS, Linux, iOS, Android, and web clients. An unauthenticated remote attacker can exploit this vulnerability without user interaction to extract sensitive configuration information. No patch is currently available for this high-severity vulnerability.

Microsoft Apple Google +5
NVD VulDB
EPSS 0% CVSS 2.1
LOW POC PATCH Monitor

Command injection in exiftool's PNG file parser on macOS allows remote attackers to execute arbitrary OS commands by manipulating the DateTimeOriginal argument in the SetMacOSTags function. Public exploit code exists for this vulnerability, and affected users should upgrade to version 13.50 or later to remediate the issue.

Command Injection Apple
NVD GitHub VulDB
EPSS 0% CVSS 9.8
CRITICAL Act Now

Address bar spoofing in Firefox before 148 allows malicious scripts to desynchronize the displayed URL from actual web content before receiving a response, enabling phishing attacks.

Apple Mozilla Information Disclosure
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

OpenClaw's mDNS/Bonjour discovery beacons transmit unauthenticated TXT records that iOS, macOS, and Android clients treat as authoritative for routing and TLS certificate pinning, allowing an attacker on a shared LAN to advertise a rogue service and redirect connections to attacker-controlled endpoints. An attacker can exploit this to bypass TLS pinning validation and potentially capture Gateway credentials through man-in-the-middle attacks. The vulnerability affects OpenClaw versions prior to 2026.2.14 and requires network proximity but no user interaction.

macOS Android iOS +4
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM This Month

Firefox for iOS before version 147.2.1 fails to properly synchronize the address bar with page content when malicious scripts interfere with new tab loading, enabling attackers to conduct HTML spoofing attacks under trusted domains. An attacker can exploit this through a malicious webpage to deceive users into believing they are viewing legitimate content from a trusted site. This vulnerability requires user interaction to trigger but has no patch currently available.

Mozilla Information Disclosure Apple
NVD VulDB
EPSS 0% 4.6 CVSS 7.8
HIGH POC KEV THREAT Act Now

Apple's kernel across all platforms (iOS, macOS, watchOS, visionOS, tvOS) contains a memory corruption vulnerability (CVE-2026-20700, CVSS 7.8) that allows attackers with memory write capability to execute arbitrary code at the kernel level. KEV-listed with Apple confirming reports of sophisticated in-the-wild exploitation, this represents an active zero-day targeting the Apple ecosystem at its most fundamental security boundary.

Apple RCE Buffer Overflow +2
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM This Month

Deleted notes on affected Apple iOS and iPadOS devices remain accessible due to improper state management, allowing unauthenticated remote attackers to discover sensitive deleted content without user interaction. This information disclosure vulnerability affects iOS 26.3, iPadOS 26.3, iOS 18.7.5, and iPadOS 18.7.5, with no patch currently available for earlier versions.

Apple Information Disclosure iOS
NVD VulDB
EPSS 0% CVSS 3.3
LOW Monitor

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Tahoe 26.3. [CVSS 3.3 LOW]

Apple macOS
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Sandboxed applications on Apple platforms (macOS Tahoe, Sonoma, Sequoia, iOS, and iPadOS) can bypass app state observability restrictions to access sensitive user data. A local attacker with app execution privileges could exploit this information disclosure vulnerability to observe data from other applications. Patches are available in macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5, and iPadOS 18.7.5.

Apple Information Disclosure
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Unauthorized access to sensitive user data in iOS and iPadOS results from improper state management in authorization checks, allowing local applications to bypass access restrictions. This medium-severity vulnerability affects Apple iOS/iPadOS users running versions prior to 18.7.5 and 26.3, with no patch currently available. A malicious app with user permissions could extract confidential information without additional user interaction.

Apple Information Disclosure
NVD
EPSS 0% CVSS 9.0
CRITICAL Act Now

Race condition in Apple macOS/iOS symlink handling allows privilege escalation. Fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, iOS 18.7.5.

Apple Race Condition Authentication Bypass
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Safari web extensions on Apple platforms can leak user tracking information due to inadequate state management controls, allowing websites to identify and monitor individual users across browsing sessions. This vulnerability affects iOS, iPadOS, macOS, and visionOS, and is resolved in version 26.3 of each platform. The low CVSS score reflects limited direct user impact, though it represents a privacy concern for Safari users.

Apple Denial Of Service Red Hat +1
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

Information disclosure in Apple's image processing across iOS, iPadOS, macOS, tvOS, and visionOS allows local attackers to extract sensitive user data by supplying a specially crafted image file. The vulnerability requires user interaction to trigger the malicious image processing and affects multiple OS versions prior to their patched releases. No patch is currently available for affected users.

Apple Command Injection
NVD VulDB
EPSS 0% CVSS 4.6
MEDIUM This Month

iOS and iPadOS devices expose sensitive user information to attackers with physical access to locked devices due to improper data handling in the system. The vulnerability allows unauthorized viewing of confidential information without requiring authentication or user interaction. Apple patched this information disclosure flaw in iOS 26.3 and iPadOS 26.3.

Apple iOS Ipados +1
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Mail content filtering bypass in Apple macOS, iOS, and iPadOS allows remote content to load in message previews despite user-disabled remote content settings. An attacker can exploit this logic flaw to track user engagement or deliver malicious content that bypasses the intended privacy protection. Patches are available in macOS Sequoia 15.7.4, iOS 18.7.5, iPadOS 18.7.5, macOS Tahoe 26.3, and macOS Sonoma 14.8.4.

Apple Information Disclosure
NVD
EPSS 0% CVSS 3.1
LOW Monitor

A logic issue was addressed with improved checks. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. [CVSS 3.1 LOW]

Apple Command Injection
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

macOS path validation bypass allows local authenticated users to read sensitive user data through improper directory path parsing. The vulnerability requires local access and valid credentials, limiting the attack surface to users already on the affected system. No patch is currently available for this medium-severity issue affecting macOS Tahoe 26.3 and earlier versions.

Apple macOS
NVD
EPSS 0% CVSS 8.8
HIGH This Week

Sandbox escape in Apple macOS, iOS, and watchOS allows local authenticated attackers to break out of application sandboxes and gain unauthorized access to system resources and other applications' data. The vulnerability stems from insufficient validation logic in sandbox enforcement mechanisms, enabling privilege escalation with high impact on confidentiality, integrity, and availability across affected devices. No patch is currently available.

Apple Information Disclosure
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Unauthorized access to sensitive user data in macOS can be achieved by local applications due to improper authorization state management affecting macOS Tahoe 26.2 and earlier. An attacker with local access and basic user privileges can exploit this flaw to read confidential information without user interaction. No patch is currently available for this vulnerability.

Apple macOS
NVD
EPSS 0% CVSS 3.3
LOW Monitor

The issue was resolved by sanitizing logging. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. [CVSS 3.3 LOW]

Apple Information Disclosure
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

macOS devices running Sequoia 15.7.3 and earlier or Tahoe 26.2 and earlier contain an authorization bypass that permits an attacker with physical access to a locked device to view sensitive user information through improper state management. This vulnerability affects all macOS users and carries a MEDIUM severity rating with no available patch at this time. The flaw requires direct device access and does not enable code execution or system modification.

Apple macOS
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

iOS and iPadOS devices with physical access vulnerabilities allow attackers to bypass authorization controls and access sensitive user information on locked devices through improper state management. The flaw affects multiple iOS versions including 18.7.5 and earlier, requiring only physical access to the device with no user interaction or elevated privileges. Apple has issued patches in iOS 26.3 and iPadOS 26.3, though updates for earlier versions (iOS 18.7.5 and iPadOS 18.7.5) are also available.

Apple Authentication Bypass
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Arbitrary file write vulnerability in Apple's macOS, iOS, iPadOS, and Safari resulting from improper path handling logic allows remote attackers to write files without authentication or user interaction. Affected versions include macOS Tahoe 26.3 and earlier, macOS Sonoma 14.8.4 and earlier, iOS 18.7.5 and earlier, and Safari 26.3 and earlier. No patch is currently available for this high-severity vulnerability.

Apple Path Traversal
NVD VulDB
EPSS 0% CVSS 7.8
HIGH This Week

Unprivileged local users on macOS can exploit a package validation bypass to escalate privileges to root through a vulnerable application. This high-severity issue affects macOS systems up to version 26.2 and requires local access with standard user privileges. A patch is not yet available, leaving affected systems exposed to privilege escalation attacks.

Apple macOS
NVD
EPSS 0% CVSS 3.3
LOW Monitor

A logic issue was addressed with improved validation. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, Safari 26.3, macOS Tahoe 26.3. [CVSS 3.3 LOW]

Apple Authentication Bypass
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Sensitive information disclosure in Apple iOS and iPadOS results from improper state management in authorization checks, allowing an attacker with physical access to a locked device to view confidential user data. The vulnerability affects multiple iOS and iPadOS versions and currently lacks an available patch. Local privilege or device access is required, making this a risk primarily to users whose devices may be physically compromised.

Apple Authentication Bypass
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A local privilege escalation vulnerability in Apple's operating systems (macOS, iOS, visionOS, and iPadOS) allows authenticated users to trigger a buffer overflow condition resulting in denial of service through application crashes. The vulnerability stems from improper memory handling and affects multiple Apple platforms including watchOS and tvOS. Currently, no patch is available, though the vendor has indicated fixes will be included in upcoming OS updates.

Apple Buffer Overflow
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Improper path validation in Apple's macOS, iOS, and visionOS allows local attackers to bypass directory access restrictions and read sensitive user data through crafted file paths. An authenticated user with local access can exploit this parsing weakness without user interaction to access confidential information. No patch is currently available for this vulnerability.

Apple Path Traversal
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Remote denial-of-service attacks against Apple's macOS, iOS, iPadOS, Safari, and visionOS result from improper memory handling that allows unauthenticated attackers to crash affected systems over the network. The vulnerability affects multiple Apple platforms and requires no user interaction or elevated privileges to exploit. Patches are available for macOS Tahoe 26.3, iOS/iPadOS 18.7.5, visionOS 26.3, and Safari 26.3.

Apple Denial Of Service Ipados +2
NVD VulDB
EPSS 0% CVSS 7.5
HIGH This Week

Denial-of-service attacks targeting Apple's Bluetooth stack (macOS, iOS, visionOS, watchOS) can be triggered by attackers with network access through specially crafted packets, causing service interruption without requiring user interaction. An attacker positioned on the same network segment can exploit insufficient input validation to crash Bluetooth functionality across affected devices. No patch is currently available for this vulnerability.

Apple Denial Of Service
NVD
EPSS 0% CVSS 7.5
HIGH This Week

Insufficient data redaction in Apple's logging mechanisms across macOS, iOS, watchOS, and tvOS allows unauthenticated attackers to view sensitive user information without user interaction. This network-accessible vulnerability affects multiple Apple platforms and products with a CVSS score of 7.5. Patches are available in watchOS 26.3, iOS 26.3, iPadOS 26.3, tvOS 26.3, and macOS Tahoe 26.3.

Apple Information Disclosure
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Malicious applications on macOS can intercept and read notifications synced from other iCloud-connected devices due to improper access controls on notification data. This local privilege escalation affects macOS versions prior to Tahoe 26.3 and requires user interaction to execute the malicious app. An attacker with local access could gain unauthorized visibility into private notifications and communications across a user's device ecosystem.

Apple macOS
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

This issue was addressed with improved data protection. This issue is fixed in macOS Tahoe 26.3. [CVSS 5.5 MEDIUM]

Apple macOS
NVD
EPSS 0% CVSS 3.3
LOW Monitor

A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26.3. [CVSS 3.3 LOW]

Apple macOS
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

Information disclosure on locked iOS and iPadOS devices stems from improper UI state management, allowing an attacker with physical device access to view sensitive user data. The vulnerability affects multiple Apple mobile OS versions and currently lacks a public patch, though fixes are available in iOS 26.3, iPadOS 26.3, iOS 18.7.5, and iPadOS 18.7.5.

Apple XSS
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Memory handling flaws in Apple's macOS, iOS, iPadOS, and Safari allow remote attackers to crash affected processes by serving specially crafted web content, requiring only user interaction to trigger the denial of service. The vulnerability affects multiple Apple platforms and products across recent versions, with fixes available in macOS Tahoe 26.3, iOS 18.7.5, iPadOS 18.7.5, and Safari 26.3. No patches are currently available for all affected versions.

Apple Buffer Overflow Ipados +2
NVD VulDB
EPSS 0% CVSS 2.4
LOW Monitor

An input validation issue was addressed. This issue is fixed in iOS 26.3 and iPadOS 26.3. [CVSS 2.4 LOW]

Apple iOS
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Installed application enumeration in Apple operating systems (macOS, iOS, iPadOS, tvOS, visionOS, watchOS) allows local applications to discover what other apps a user has installed through insufficient privacy controls. An attacker can exploit this through a malicious app to profile a user's installed software without explicit permission. This vulnerability affects multiple Apple platforms and requires user interaction to execute a malicious application.

Apple Information Disclosure
NVD
EPSS 0% CVSS 4.6
MEDIUM This Month

iPhone Mirroring in iOS and iPadOS allows an attacker with physical device access to bypass UI protections and capture screenshots containing sensitive information that should remain hidden during the mirroring session. The vulnerability stems from insufficient state management in the user interface, enabling unauthorized viewing of private data on the iPhone while it is being mirrored to a Mac. No patch is currently available for this medium-severity issue.

Apple iOS Iphone Os +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A logic issue was addressed with improved checks. This issue is fixed in iOS 26.3 and iPadOS 26.3. [CVSS 5.5 MEDIUM]

Apple iOS Iphone Os +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Denial of service in Apple Safari, iOS, iPadOS, and macOS results from improper memory handling when processing maliciously crafted web content, causing unexpected process crashes. An unauthenticated remote attacker can trigger this vulnerability through a specially crafted webpage, affecting users who view the malicious content. No patch is currently available for this vulnerability.

Apple Buffer Overflow Ipados +2
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Denial of service affecting Apple's macOS, iOS, iPadOS, watchOS, tvOS, and visionOS results from a memory handling flaw that crashes processes when parsing malicious web content. An unauthenticated remote attacker can trigger unexpected application termination through crafted web pages, requiring only user interaction to visit a malicious site. A patch is not currently available for this medium-severity vulnerability.

Apple Buffer Overflow Ipados +4
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM This Month

Memory disclosure in Apple's image processing across macOS, iOS, iPadOS, tvOS, and visionOS allows local attackers with user interaction to leak sensitive process memory by submitting a specially crafted image file. The vulnerability requires no elevated privileges and affects multiple Apple operating system versions, with fixes available in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, and corresponding iOS/iPadOS updates. An attacker could exploit this to extract confidential data from running processes on the targeted device.

Apple Information Disclosure
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

macOS systems running versions prior to Tahoe 26.3 contain an improper permissions restriction that allows local applications to read sensitive user data without authorization. A threat actor with local access could exploit this vulnerability to exfiltrate protected information. A patch is currently unavailable for affected systems.

Apple macOS
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Improper temporary file handling in macOS allows local applications to read sensitive user data without user interaction. An attacker with local access and app execution privileges can bypass privacy controls to access confidential information. This vulnerability affects macOS Tahoe 26.3 and earlier, with no patch currently available.

Apple macOS
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Sandbox escape vulnerability in Apple's macOS, iOS, tvOS, and related platforms (CVE-2026-20628) permits malicious applications to break out of their sandbox restrictions through a permissions bypass. A local attacker with user interaction can achieve high-impact confidentiality and integrity violations by exploiting this weakness. Patches are available across multiple OS versions including macOS Tahoe 26.3, iOS 18.7.5, tvOS 26.3, and others.

Apple Authentication Bypass
NVD
Prev Page 7 of 90 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy