|
3971
|
8.8 |
HIGH
Local
|
apple
|
ipados
iphone_os
macos
tvos
visionos
watchos
|
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. A mali…
|
CWE-269
Improper Privilege Management
|
CVE-2026-28995
|
2026-05-13 02:17 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3972
|
7.5 |
HIGH
Network
|
apple
|
ipados
iphone_os
macos
tvos
watchos
|
A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5,…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2026-28987
|
2026-05-13 02:16 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3973
|
7.5 |
HIGH
Network
|
apple
|
ipados
iphone_os
macos
tvos
watchos
|
A race condition was addressed with additional validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, …
|
CWE-362
Race Condition
|
CVE-2026-28986
|
2026-05-13 02:16 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3974
|
- |
|
-
|
-
|
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error and is not a valid vulnerability. Notes: All references and descriptions in this candidate h…
|
-
|
CVE-2026-8278
|
2026-05-13 02:16 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3975
|
7.5 |
HIGH
Network
|
apple
|
ipados
iphone_os
macos
tvos
visionos
watchos
|
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS T…
|
CWE-416
Use After Free
|
CVE-2026-28969
|
2026-05-13 02:15 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3976
|
7.5 |
HIGH
Network
|
apple
|
macos
|
A denial of service issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to modify protected par…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-28908
|
2026-05-13 02:10 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3977
|
7.8 |
HIGH
Local
|
apple
|
macos
|
A consistency issue was addressed with improved state handling. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to gain root privileges.
|
CWE-269
Improper Privilege Management
|
CVE-2026-28919
|
2026-05-13 02:10 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3978
|
4.4 |
MEDIUM
Local
|
vmware
|
spring_cloud_config
|
When enabling trace logging in Spring Cloud Config Server sensitive information was placed in plain text in the logs.
Spring Cloud Config 3.1.x: affected from 3.1.0 through 3.1.13 (inclusive); upgrad…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2026-41004
|
2026-05-13 01:52 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3979
|
8.8 |
HIGH
Network
|
nocobase
|
nocobase
|
NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.39, the queryParentSQL() function in the core database package co…
|
CWE-89
SQL Injection
|
CVE-2026-41640
|
2026-05-13 01:51 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3980
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Plack::Middleware::Statsd versions before 0.9.0 for Perl may leak user IP addresses.
If the communication channel to the statsd daemon is not secured (for example, by sending UDP packets to a host o…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2026-45179
|
2026-05-13 01:48 |
2026-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
