Total
385 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-28833 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2026-03-25 | N/A | 6.2 MEDIUM |
| A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. An app may be able to enumerate a user's installed apps. | |||||
| CVE-2026-20637 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-03-25 | N/A | 6.2 MEDIUM |
| A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An app may be able to cause unexpected system termination. | |||||
| CVE-2026-20668 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2026-03-25 | N/A | 5.5 MEDIUM |
| A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3, visionOS 26.3. An app may be able to access sensitive user data. | |||||
| CVE-2026-28852 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-03-25 | N/A | 5.5 MEDIUM |
| A stack overflow was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to cause a denial-of-service. | |||||
| CVE-2026-28868 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-03-25 | N/A | 5.5 MEDIUM |
| A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. An app may be able to disclose kernel memory. | |||||
| CVE-2026-28864 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-03-25 | N/A | 3.3 LOW |
| This issue was addressed with improved permissions checking. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. A local attacker may gain access to user's Keychain items. | |||||
| CVE-2026-28879 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-03-25 | N/A | 6.5 MEDIUM |
| A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. Processing maliciously crafted web content may lead to an unexpected process crash. | |||||
| CVE-2026-28886 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-03-25 | N/A | 5.9 MEDIUM |
| A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A user in a privileged network position may be able to cause a denial-of-service. | |||||
| CVE-2026-20700 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-03-25 | N/A | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 and CVE-2025-43529 were also issued in response to this report. | |||||
| CVE-2025-31277 | 1 Apple | 7 Ipados, Iphone Os, Macos and 4 more | 2026-03-20 | N/A | 8.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, watchOS 11.6, visionOS 2.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6. Processing maliciously crafted web content may lead to memory corruption. | |||||
| CVE-2025-43510 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-03-20 | N/A | 7.8 HIGH |
| A memory corruption issue was addressed with improved lock state checking. This issue is fixed in watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Tahoe 26.1, visionOS 26.1, tvOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPadOS 26.1. A malicious application may cause unexpected changes in memory shared between processes. | |||||
| CVE-2025-43520 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-03-20 | N/A | 7.1 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Tahoe 26.1, visionOS 26.1, tvOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPadOS 26.1. A malicious application may be able to cause unexpected system termination or write kernel memory. | |||||
| CVE-2026-20675 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-03-16 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved bounds checks. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. Processing a maliciously crafted image may lead to disclosure of user information. | |||||
| CVE-2026-20616 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2026-03-16 | N/A | 8.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3. Processing a maliciously crafted USD file may lead to unexpected app termination. | |||||
| CVE-2026-20611 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-03-16 | N/A | 7.8 HIGH |
| An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory. | |||||
| CVE-2025-43533 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-03-13 | N/A | 5.7 MEDIUM |
| Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in watchOS 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, tvOS 26.2. A malicious HID device may cause an unexpected process crash. | |||||
| CVE-2024-23222 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-03-12 | N/A | 8.8 HIGH |
| A type confusion issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 15.8.7 and iPadOS 15.8.7. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited. | |||||
| CVE-2026-20617 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-02-25 | N/A | 7.0 HIGH |
| A race condition was addressed with improved state handling. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to gain root privileges. | |||||
| CVE-2026-20615 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2026-02-25 | N/A | 7.8 HIGH |
| A path handling issue was addressed with improved validation. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3. An app may be able to gain root privileges. | |||||
| CVE-2026-20654 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-02-18 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved memory handling. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to cause unexpected system termination. | |||||