Skip to main content
ZDI-CAN-29239 HIGH 7.8 Overdue Feb 12, 2026

Apple

This vulnerability affects Apple, a major technology company known for consumer devices and operating systems. The HIGH severity flaw (CVSS 7.8) requires local access to a user's machine but needs no authentication or user interaction beyond clicking something, allowing an attacker to gain full control over confidentiality, integrity, and availability of the system. Security teams should monitor for patches arriving before the June 2026 deadline and watch for any targeted exploitation attempts against macOS or iOS users in the interim.

Advisory Details
Researcher Michael DePlante (@izobashi) of TrendAI Zero Day Initiative
Reported February 12, 2026
Deadline June 12, 2026 35d overdue
CVSS Vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy