CVE Daily
← All tags

Tag: Apple visionOS

All CVEs associated with "Apple visionOS". Page 1/4 • 456 CVEs.

About “Apple visionOS”

A curated feed of “Apple visionOS”-related CVEs appears below. We currently track 456 CVEs for this tag (all time). In the last 365 days, 225 were published. Average CVSS is 6.5 (all time; 6.3 over 365d), and 39% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer, CWE-125 - Out-of-bounds Read, CWE-20 - Improper Input Validation.

In our taxonomy this topic maps to a MODERATE impact class. Issues here typically affect operating system packages or kernels. Plan reboots or service restarts and coordinate rollouts across fleets. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

Support & lifecycle: visionos

This table shows recent release cycles and their projected end-of-life. Data source: endoflife.date.

CycleReleaseLatestEOLLTS
2626.5-
22.6 Expired
11.3 Expired

Maintained Soon (≤ 180 days) Expired

Subscribe lifecycle: RSS  ·  RSS (expired)  ·  ICS

Subscribe CVEs: RSS for “Apple visionOS”  ·  RSS (High+Critical only)

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2026-05-11
High

CVE-2026-43668

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS T…

CVSS: 7.5 CWE: CWE-416 - Use After Free View on NVD
Medium

CVE-2026-43666

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, mac…

CVSS: 6.2 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2026-43660

A validation issue was addressed with improved logic. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 2…

CVSS: 7.5 CWE: CWE-693 - Protection Mechanism Failure View on NVD
Medium

CVE-2026-43659

A race condition was addressed with additional validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5,…

CVSS: 4.7 CWE: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') View on NVD
High

CVE-2026-43658

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously c…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2026-43654

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS…

CVSS: 7.5 CWE: CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere View on NVD
Medium

CVE-2026-39869

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS…

CVSS: 4.3 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Medium

CVE-2026-28996

A race condition was addressed with additional validation. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watc…

CVSS: 5.5 CWE: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') View on NVD
High

CVE-2026-28995

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. A mali…

CVSS: 8.8 CWE: CWE-269 - Improper Privilege Management View on NVD
Medium

CVE-2026-28993

This issue was addressed by adding an additional prompt for user consent. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, mac…

CVSS: 5.5 CWE: CWE-284 - Improper Access Control View on NVD
Medium

CVE-2026-28992

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS…

CVSS: 4.7 CWE: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') View on NVD
High

CVE-2026-28991

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to cau…

CVSS: 7.5 CWE: CWE-125 - Out-of-bounds Read View on NVD
High

CVE-2026-28990

The issue was addressed with improved memory handling. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2026-28988

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5, watchOS 26.5. An app may be able to bypass certain Pr…

CVSS: 5.5 CWE: CWE-284 - Improper Access Control View on NVD
High

CVE-2026-28983

A type confusion issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. A r…

CVSS: 7.5 CWE: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion') View on NVD
Medium

CVE-2026-28977

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 2…

CVSS: 6.2 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2026-28974

This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watch…

CVSS: 7.5 CWE: CWE-284 - Improper Access Control View on NVD
Medium

CVE-2026-28972

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, ma…

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2026-28971

The issue was addressed with improved UI handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. A malicious iframe may use another website’s download…

CVSS: 4.3 CWE: CWE-1021 - Improper Restriction of Rendered UI Layers or Frames View on NVD
High

CVE-2026-28969

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS T…

CVSS: 7.5 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2026-28964

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 26.5 and iPadOS 26.5, visionOS 26.5. An app may be able to access sensitive user data.

CVSS: 7.5 CWE: CWE-451 - User Interface (UI) Misrepresentation of Critical Information View on NVD
High

CVE-2026-28962

This issue was addressed with improved access restrictions. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. Processing mal…

CVSS: 7.5 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
High

CVE-2026-28959

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26…

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Medium

CVE-2026-28958

This issue was addressed with improved data protection. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. An app may be able to access sensitive user data.

CVSS: 5.5 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
Low

CVE-2026-28957

An issue with app access to camera metadata was addressed with improved logic. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, visionOS 26.5. An app may be able to capt…

CVSS: 3.3 CWE: CWE-284 - Improper Access Control View on NVD
Medium

CVE-2026-28956

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, vision…

CVSS: 6.5 CWE: CWE-125 - Out-of-bounds Read View on NVD
High

CVE-2026-28955

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS…

CVSS: 8.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2026-28953

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2026-28947

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processin…

CVSS: 8.8 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2026-28944

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, visionOS 26.5. Processing maliciously crafted web content may le…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2026-28942

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processin…

CVSS: 6.5 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2026-28940

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5.…

CVSS: 8.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2026-28936

The issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sonoma 14.8.7, macOS Tahoe 26.5, visionOS 26.5. Processing a malicio…

CVSS: 7.5 CWE: CWE-20 - Improper Input Validation View on NVD
Medium

CVE-2026-28920

An information leakage was addressed with additional validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe…

CVSS: 6.5 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
Medium

CVE-2026-28918

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Parsing a malicio…

CVSS: 6.5 CWE: CWE-125 - Out-of-bounds Read View on NVD
Medium

CVE-2026-28917

The issue was addressed with improved input validation. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS…

CVSS: 4.3 CWE: CWE-20 - Improper Input Validation View on NVD
High

CVE-2026-28907

The issue was addressed with improved input validation. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS…

CVSS: 8.1 CWE: CWE-20 - Improper Input Validation View on NVD
High

CVE-2026-28906

This issue was addressed through improved state management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5,…

CVSS: 7.5 CWE: CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor View on NVD
High

CVE-2026-28905

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5. Processing maliciously crafted web con…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2026-28904

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2026-28903

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS…

CVSS: 6.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2026-28902

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously c…

CVSS: 6.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2026-28901

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously c…

CVSS: 4.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2026-28897

A buffer overflow was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 2…

CVSS: 6.2 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
High

CVE-2026-28883

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processin…

CVSS: 7.5 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2026-28860

The issue was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvO…

CVSS: 7.5 CWE: CWE-20 - Improper Input Validation View on NVD
High

CVE-2026-28847

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS…

CVSS: 8.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2026-28846

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26…

CVSS: 7.5 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
2026-04-02
Medium

CVE-2025-43210

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.…

CVSS: 6.3 CWE: CWE-125 - Out-of-bounds Read View on NVD
2026-03-25
Medium

CVE-2026-28886

A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macO…

CVSS: 5.9 CWE: CWE-476 - NULL Pointer Dereference View on NVD
Medium

CVE-2026-28882

This issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be a…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2026-28880

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 2…

CVSS: 6.5 CWE: CWE-284 - Improper Access Control View on NVD
Medium

CVE-2026-28879

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS T…

CVSS: 6.5 CWE: CWE-416 - Use After Free View on NVD
Medium

CVE-2026-28878

A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.7, macOS Sonoma 14.8.5, macOS Tahoe 26.4, t…

CVSS: 6.5 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
Medium

CVE-2026-28877

An authorization issue was addressed with improved state management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Ta…

CVSS: 5.5 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
High

CVE-2026-28876

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, ma…

CVSS: 7.5 CWE: CWE-284 - Improper Access Control View on NVD
Medium

CVE-2026-28870

An information leakage was addressed with additional validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.…

CVSS: 5.5 CWE: N/A View on NVD
Medium

CVE-2026-28868

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4,…

CVSS: 5.5 CWE: CWE-532 - Insertion of Sensitive Information into Log File View on NVD
Medium

CVE-2026-28867

This issue was addressed with improved authentication. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4,…

CVSS: 6.2 CWE: N/A View on NVD
High

CVE-2026-28865

An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS T…

CVSS: 7.5 CWE: CWE-285 - Improper Authorization View on NVD
Low

CVE-2026-28864

This issue was addressed with improved permissions checking. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4…

CVSS: 3.3 CWE: CWE-863 - Incorrect Authorization View on NVD
Medium

CVE-2026-28863

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.4 and iPadOS 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to fingerprint the user.

CVSS: 6.5 CWE: CWE-284 - Improper Access Control View on NVD
Medium

CVE-2026-28861

A logic issue was addressed with improved state management. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. A malicious we…

CVSS: 4.3 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD
Medium

CVE-2026-28859

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A malicious website may…

CVSS: 4.3 CWE: CWE-125 - Out-of-bounds Read View on NVD
Medium

CVE-2026-28857

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may le…

CVSS: 6.5 CWE: CWE-125 - Out-of-bounds Read View on NVD
Medium

CVE-2026-28856

The issue was addressed with improved authentication. This issue is fixed in iOS 26.4 and iPadOS 26.4, visionOS 26.4, watchOS 26.4. An attacker with physical access to a locked device may be able to…

CVSS: 4.6 CWE: CWE-284 - Improper Access Control View on NVD
Medium

CVE-2026-28852

A stack overflow was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, vision…

CVSS: 5.5 CWE: CWE-20 - Improper Input Validation View on NVD
Medium

CVE-2026-28833

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. An app may be able to enumerate a user's installed ap…

CVSS: 6.2 CWE: CWE-284 - Improper Access Control View on NVD
Medium

CVE-2026-28822

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 2…

CVSS: 6.2 CWE: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion') View on NVD
High

CVE-2026-20698

The issue was addressed with improved memory handling. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to cause unexpecte…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2026-20691

An authorization issue was addressed with improved state management. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. A maliciously crafted…

CVSS: 4.3 CWE: CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere View on NVD
Medium

CVE-2026-20690

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, ma…

CVSS: 6.5 CWE: CWE-125 - Out-of-bounds Read View on NVD
Critical

CVE-2026-20688

A path handling issue was addressed with improved validation. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4. An app may b…

CVSS: 9.3 CWE: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') View on NVD
Medium

CVE-2026-20668

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3,…

CVSS: 5.5 CWE: CWE-532 - Insertion of Sensitive Information into Log File View on NVD
Medium

CVE-2026-20665

This issue was addressed through improved state management. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, wat…

CVSS: 6.5 CWE: CWE-693 - Protection Mechanism Failure View on NVD
Medium

CVE-2026-20664

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may le…

CVSS: 4.3 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2026-20657

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Ta…

CVSS: 6.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2026-20637

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS T…

CVSS: 6.2 CWE: CWE-416 - Use After Free View on NVD
2026-03-17
Medium

CVE-2026-20643

A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS, iPadOS, and macOS, Safari 26.4, iOS 18.7.7 an…

CVSS: 5.4 CWE: CWE-20 - Improper Input Validation View on NVD
2026-02-11
High

CVE-2026-20700

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker with mem…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2026-20677

A race condition was addressed with improved handling of symbolic links. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS…

CVSS: 9.0 CWE: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') View on NVD
Medium

CVE-2026-20676

This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through…

CVSS: 5.3 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
Medium

CVE-2026-20675

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 2…

CVSS: 5.5 CWE: CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection') View on NVD
Low

CVE-2026-20671

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3…

CVSS: 3.1 CWE: CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection') View on NVD
High

CVE-2026-20660

A path handling issue was addressed with improved logic. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.5, macOS Sonoma 14.8.4, macOS T…

CVSS: 7.5 CWE: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') View on NVD
Medium

CVE-2026-20654

The issue was addressed with improved memory handling. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An app may be able to cause unexpecte…

CVSS: 5.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2026-20653

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, ma…

CVSS: 5.5 CWE: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') View on NVD
High

CVE-2026-20652

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A remote attacker m…

CVSS: 7.5 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
High

CVE-2026-20650

A denial-of-service issue was addressed with improved validation. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker in a privilege…

CVSS: 7.5 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
Medium

CVE-2026-20644

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciou…

CVSS: 6.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2026-20641

A privacy issue was addressed with improved checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26…

CVSS: 7.1 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
Medium

CVE-2026-20636

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may le…

CVSS: 6.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2026-20635

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS…

CVSS: 4.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2026-20634

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS…

CVSS: 5.5 CWE: N/A View on NVD
High

CVE-2026-20628

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 2…

CVSS: 7.1 CWE: CWE-284 - Improper Access Control View on NVD
Medium

CVE-2026-20627

An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Sonoma 14.8.4, macOS Tahoe 26.3, v…

CVSS: 5.5 CWE: CWE-20 - Improper Input Validation View on NVD
High

CVE-2026-20626

This issue was addressed with improved checks. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Tahoe 26.3, visionOS 26.3. A malicious app may be able to gain root privile…

CVSS: 7.8 CWE: CWE-862 - Missing Authorization View on NVD
Medium

CVE-2026-20625

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. An a…

CVSS: 5.5 CWE: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') View on NVD
Medium

CVE-2026-20621

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visi…

CVSS: 5.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2026-20617

A race condition was addressed with improved state handling. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An app may…

CVSS: 7.0 CWE: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') View on NVD
High

CVE-2026-20616

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. Processing a malic…

CVSS: 8.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2026-20615

A path handling issue was addressed with improved validation. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. An app may be able to gain root pr…

CVSS: 7.8 CWE: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') View on NVD
High

CVE-2026-20611

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, ma…

CVSS: 7.8 CWE: CWE-125 - Out-of-bounds Read View on NVD
Medium

CVE-2026-20609

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS…

CVSS: 4.4 CWE: CWE-125 - Out-of-bounds Read View on NVD
Medium

CVE-2026-20608

This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing mal…

CVSS: 5.5 CWE: CWE-770 - Allocation of Resources Without Limits or Throttling View on NVD
Medium

CVE-2025-46305

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.2, tvOS 2…

CVSS: 5.7 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2025-46304

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.2, tvOS 2…

CVSS: 5.7 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD
Medium

CVE-2025-46303

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.2, tvOS 2…

CVSS: 5.7 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2025-46302

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.2, tvOS 2…

CVSS: 5.7 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2025-46301

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.2, tvOS 2…

CVSS: 5.7 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2025-46300

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.2, tvOS 2…

CVSS: 5.7 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2025-46290

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.2, visionOS…

CVSS: 7.5 CWE: CWE-693 - Protection Mechanism Failure View on NVD
2026-01-09
Medium

CVE-2025-46299

A memory initialization issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Proc…

CVSS: 4.3 CWE: CWE-284 - Improper Access Control View on NVD
Medium

CVE-2025-46298

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously c…

CVSS: 6.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2025-12-17
Medium

CVE-2025-46288

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, watchOS 26.2. An app may be able to access sensitive…

CVSS: 5.5 CWE: CWE-284 - Improper Access Control View on NVD
Low

CVE-2025-46279

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2…

CVSS: 3.3 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
Medium

CVE-2025-43541

A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Process…

CVSS: 4.3 CWE: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion') View on NVD
Medium

CVE-2025-43535

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciou…

CVSS: 4.3 CWE: N/A View on NVD
Medium

CVE-2025-43533

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.2, tvOS 2…

CVSS: 5.7 CWE: CWE-20 - Improper Input Validation View on NVD
Low

CVE-2025-43531

A race condition was addressed with improved state handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, wa…

CVSS: 3.1 CWE: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') View on NVD
CVE Daily Lookup — auto-links CVE IDs on any page you visit. GitHub, Jira, Confluence & more. Free.
Chrome Firefox