|
1051
|
5.5 |
MEDIUM
Local
|
apple
|
macos
|
A logic issue was addressed with improved file handling. This issue is fixed in macOS Tahoe 26.5. A maliciously crafted ZIP archive may bypass Gatekeeper checks.
|
CWE-358
CWE-693
Improperly Implemented Security Check for Standard
Protection Mechanism Failure
|
CVE-2026-28914
|
2026-05-14 23:02 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1052
|
7.8 |
HIGH
Local
|
apple
|
macos
|
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able …
|
CWE-22
Path Traversal
|
CVE-2026-28915
|
2026-05-14 23:02 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1053
|
7.5 |
HIGH
Network
|
apple
|
ipados
iphone_os
macos
visionos
watchos
|
A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5,…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2026-28943
|
2026-05-14 23:02 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1054
|
5.5 |
MEDIUM
Local
|
apple
|
ipados
iphone_os
macos
tvos
visionos
watchos
|
A race condition was addressed with additional validation. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watc…
|
CWE-362
Race Condition
|
CVE-2026-28996
|
2026-05-14 23:01 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1055
|
7.5 |
HIGH
Network
|
apple
|
ipados
iphone_os
|
This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.4 and iPadOS 26.4. An app may be able to circumvent App Privacy Report logging.
|
CWE-863
Incorrect Authorization
|
CVE-2026-28873
|
2026-05-14 23:01 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1056
|
6.5 |
MEDIUM
Network
|
apple
|
ipados
iphone_os
macos
tvos
visionos
watchos
|
An information leakage was addressed with additional validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe …
|
CWE-200
Information Exposure
|
CVE-2026-28920
|
2026-05-14 23:01 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1057
|
7.5 |
HIGH
Network
|
apple
|
macos
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.5. An app may be able to access protected user data.
|
CWE-284
Improper Access Control
|
CVE-2026-28930
|
2026-05-14 23:01 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1058
|
7.5 |
HIGH
Network
|
apple
|
ipados
iphone_os
macos
visionos
|
The issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sonoma 14.8.7, macOS Tahoe 26.5, visionOS 26.5. Processing a malicio…
|
CWE-20
Improper Input Validation
|
CVE-2026-28936
|
2026-05-14 23:01 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1059
|
4.6 |
MEDIUM
Physics
|
apple
|
macos
|
This issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.5. An attacker with physical access to a locked device may be able to view sensitive user information.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2026-28961
|
2026-05-14 23:01 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1060
|
6.2 |
MEDIUM
Local
|
apple
|
ipados
iphone_os
macos
tvos
visionos
watchos
|
The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 2…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2026-28977
|
2026-05-14 23:01 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
