Vulnerability-Lookup

CVE-2025-43376 (GCVE-0-2025-43376)

Vulnerability from cvelistv5 – Published: 2025-11-04 01:16 – Updated: 2026-04-02 18:14

Summary

A logic issue was addressed with improved state management. This issue is fixed in Safari 26, iOS 18.7.7 and iPadOS 18.7.7, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. A remote attacker may be able to view leaked DNS queries with Private Relay turned on.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE

A remote attacker may be able to view leaked DNS queries with Private Relay turned on

Assigner

apple

References

URL

FKIE_CVE-2025-43376

Vulnerability from fkie_nvd - Published: 2025-11-04 02:15 - Updated: 2026-04-02 19:20

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

References

URL	Tags
product-security@apple.com	https://support.apple.com/en-us/125108	Release Notes, Vendor Advisory
product-security@apple.com	https://support.apple.com/en-us/125110
product-security@apple.com	https://support.apple.com/en-us/125113	Release Notes, Vendor Advisory
product-security@apple.com	https://support.apple.com/en-us/125114	Release Notes, Vendor Advisory
product-security@apple.com	https://support.apple.com/en-us/125115	Release Notes, Vendor Advisory
product-security@apple.com	https://support.apple.com/en-us/125116	Release Notes, Vendor Advisory
product-security@apple.com	https://support.apple.com/en-us/126793

Impacted products

Vendor	Product	Version
apple	safari	*
apple	ipados	*
apple	iphone_os	*
apple	visionos	*
apple	watchos	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "213D326D-D8FB-4C0B-B3C9-D44E359F5765",
              "versionEndExcluding": "26.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4221CFD-0208-42B8-AACA-1BE6AEC3BA9A",
              "versionEndExcluding": "26.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "68DCA17A-424E-4EE3-B005-0F2E42407226",
              "versionEndExcluding": "26.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E33744A8-68C0-4822-B08E-100911C18404",
              "versionEndExcluding": "26.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66CF3395-7CC9-41FD-8419-815AC6022191",
              "versionEndExcluding": "26.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A logic issue was addressed with improved state management. This issue is fixed in Safari 26, iOS 18.7.7 and iPadOS 18.7.7, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. A remote attacker may be able to view leaked DNS queries with Private Relay turned on."
    }
  ],
  "id": "CVE-2025-43376",
  "lastModified": "2026-04-02T19:20:35.927",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-11-04T02:15:44.710",
  "references": [
    {
      "source": "product-security@apple.com",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/en-us/125108"
    },
    {
      "source": "product-security@apple.com",
      "url": "https://support.apple.com/en-us/125110"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/en-us/125113"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/en-us/125114"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/en-us/125115"
    },
    {
      "source": "product-security@apple.com",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/en-us/125116"
    },
    {
      "source": "product-security@apple.com",
      "url": "https://support.apple.com/en-us/126793"
    }
  ],
  "sourceIdentifier": "product-security@apple.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTFR-2026-AVI-0355

Vulnerability from certfr_avis - Published: 2026-03-25 - Updated: 2026-03-25

De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, un déni de service à distance et une atteinte à la confidentialité des données.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Apple	iOS	iOS versions antérieures à 26.4
Apple	iPadOS	iPadOS versions antérieures à 26.4
Apple	iPadOS	iPadOS versions antérieures à 18.7.7
Apple	Xcode	Xcode versions antérieures à 26.4
Apple	visionOS	visionOS versions antérieures à 26.4
Apple	watchOS	watchOS versions antérieures à 26.4
Apple	macOS	macOS Tahoe versions antérieures à 26.4
Apple	macOS	macOS Sonoma versions antérieures à 14.8.5
Apple	Safari	Safari versions antérieures à 26.4
Apple	macOS	macOS Sequoia versions antérieures à 15.7.5
Apple	tvOS	tvOS versions antérieures à 26.4
Apple	iOS	iOS versions antérieures à 18.7.7

References

Title

Publication Time

WID-SEC-W-2025-2058

Vulnerability from csaf_certbund - Published: 2025-09-15 22:00 - Updated: 2025-11-03 23:00

Summary

Apple Safari: Mehrere Schwachstellen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Safari ist der auf Apple Geräten eingesetzte Web Browser.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Apple Safari ausnutzen, um einen Denial of Service Zustand herbeizuführen, Informationen preiszugeben und falsche Informationen anzuzeigen.

Betroffene Betriebssysteme: - MacOS X

CVE-2025-31254

CVE-2025-43272

CVE-2025-43327

CVE-2025-43342

CVE-2025-43343

CVE-2025-43356

CVE-2025-43368

CVE-2025-43376

CVE-2025-43419

References

URL

GHSA-8H7R-5Q86-PW9X

Vulnerability from github – Published: 2025-11-04 03:30 – Updated: 2026-04-02 21:32

Details

A logic issue was addressed with improved state management. This issue is fixed in Safari 26, tvOS 26, watchOS 26, iOS 26 and iPadOS 26, visionOS 26. A remote attacker may be able to view leaked DNS queries with Private Relay turned on.

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-43376"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-11-04T02:15:44Z",
    "severity": "HIGH"
  },
  "details": "A logic issue was addressed with improved state management. This issue is fixed in Safari 26, tvOS 26, watchOS 26, iOS 26 and iPadOS 26, visionOS 26. A remote attacker may be able to view leaked DNS queries with Private Relay turned on.",
  "id": "GHSA-8h7r-5q86-pw9x",
  "modified": "2026-04-02T21:32:34Z",
  "published": "2025-11-04T03:30:27Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43376"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/125108"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/125110"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/125113"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/125114"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/125115"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/125116"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/126793"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

NCSC-2026-0101

Vulnerability from csaf_ncscnl - Published: 2026-03-25 14:02 - Updated: 2026-03-25 14:02

Summary

Kwetsbaarheden verholpen in Apple iOS en iPadOS

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten: Apple heeft meerdere kwetsbaarheden verholpen in iOS en iPadOS.

Interpretaties: De kwetsbaarheden omvatten verschillende problemen zoals onjuist padbeheer, geheugenbeheer, en onvoldoende validatie van invoer, die konden leiden tot ongeautoriseerde toegang tot gevoelige gegevens, onverwachte applicatie-terminaties, en andere beveiligingsrisico's. Aanvallers kunnen deze kwetsbaarheden misbruiken door bijvoorbeeld kwaadaardige webinhoud te verwerken of door gebruik te maken van onvoldoende beveiligde applicaties. De kwetsbaarheden zijn opgelost door verbeterde validatie- en beveiligingsmechanismen in de betrokken besturingssystemen.

Oplossingen: Apple heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.

Kans: medium

Schade: high

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-122: Heap-based Buffer Overflow

CWE-125: Out-of-bounds Read

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CWE-275: Permission Issues

CWE-287: Improper Authentication

CWE-371: State Issues

CWE-404: Improper Resource Shutdown or Release

CWE-416: Use After Free

CWE-476: NULL Pointer Dereference

CWE-522: Insufficiently Protected Credentials

CWE-532: Insertion of Sensitive Information into Log File

CWE-601: URL Redirection to Untrusted Site ('Open Redirect')

CVE-2025-14524

A vulnerability in libcurl versions 7.33.0 to 8.17.0 causes OAuth2 bearer tokens to be unintentionally leaked during cross-protocol redirects involving IMAP, LDAP, POP3, or SMTP schemes, potentially exposing sensitive information.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE-522 - Insufficiently Protected Credentials

CVE-2025-43376

A logic issue affecting state management in multiple Apple OS versions was fixed to prevent remote attackers from viewing leaked DNS queries when Private Relay is enabled.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVE-2025-43534

An improved validation fixed a path handling vulnerability in iOS 18.7.7, iPadOS 18.7.7, iOS 26.2, and iPadOS 26.2 that could allow a user with physical access to bypass Activation Lock.

CVE-2025-64505

Multiple vulnerabilities in libpng, including heap buffer overflows and over-reads in functions like png_do_quantize, affect various products including NetApp and Apple software, alongside a separate Oracle MySQL Workbench flaw allowing unauthorized data modification or denial of service.

6.1 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

CWE-125 - Out-of-bounds Read

CVE-2026-20657

Improved memory handling in iOS 18.7.7, iPadOS 18.7.7, macOS Sequoia 15.7.5, and macOS Sonoma 14.8.5 fixed an issue where parsing a maliciously crafted file could cause unexpected app termination.

CVE-2026-20665

Apple fixed a vulnerability in multiple operating systems and Safari versions 26.4 and iOS/iPadOS 18.7.7 where malicious web content could bypass Content Security Policy enforcement due to improper state management.

CVE-2026-20668

A logging issue affecting iOS, iPadOS, macOS, and visionOS was fixed by enhancing data redaction to prevent apps from accessing sensitive user information.

CVE-2026-20687

A use after free vulnerability in multiple Apple operating systems was fixed by improving memory management to prevent apps from causing unexpected system termination or writing to kernel memory.

CVE-2026-20688

A path handling vulnerability allowing applications to potentially escape their sandbox was fixed through improved validation in iOS 26.4, iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, and visionOS 26.4.

CVE-2026-20690

An out-of-bounds access vulnerability in Apple operating systems was fixed by improving bounds checking to prevent process termination caused by maliciously crafted audio streams.

CVE-2026-20691

An authorization vulnerability in Safari 26.4 and related OS versions was resolved by enhancing state management to prevent malicious webpages from fingerprinting users.

CVE-2026-20692

A privacy issue affecting user preferences for mail content handling, specifically the 'Hide IP Address' and 'Block All Remote Content' features, was fixed in iOS 26.4, iPadOS 26.4, and various macOS versions.

CVE-2026-20698

A memory handling vulnerability in iOS 26.4, iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, and watchOS 26.4 could allow an app to cause unexpected system termination or kernel memory corruption, which was resolved through improved memory management.

CVE-2026-28822

A type confusion vulnerability related to memory handling in multiple Apple operating systems could allow an attacker to cause unexpected application termination.

CVE-2026-28833

A permissions issue allowing apps to enumerate a user’s installed applications was fixed by implementing additional restrictions in iOS 26.4, iPadOS 26.4, macOS Tahoe 26.4, and visionOS 26.4.

CVE-2026-28852

A stack overflow vulnerability allowing denial-of-service was fixed by improving input validation across multiple Apple operating systems including iOS, iPadOS, macOS, tvOS, visionOS, and watchOS.

CVE-2026-28856

An authentication vulnerability allowing physical attackers to access sensitive user information on locked devices was fixed in iOS 26.4, iPadOS 26.4, visionOS 26.4, and watchOS 26.4.

CVE-2026-28857

Improved memory handling in Safari 26.4, iOS 26.4, iPadOS 26.4, macOS Tahoe 26.4, and visionOS 26.4 fixed an issue where processing maliciously crafted web content could cause unexpected process crashes.

CVE-2026-28858

A buffer overflow vulnerability in iOS 26.4 and iPadOS 26.4 was fixed by improved bounds checking to prevent remote system termination or kernel memory corruption.

CVE-2026-28859

A memory handling vulnerability in Safari 26.4 and related OS versions was fixed, preventing malicious websites from processing restricted web content outside the sandbox environment.

CVE-2026-28861

A logic issue in state management was fixed across multiple Apple operating systems to prevent malicious websites from accessing script message handlers intended for other origins.

CVE-2026-28863

A permissions issue allowing apps to fingerprint users was fixed by adding restrictions in iOS 26.4, iPadOS 26.4, tvOS 26.4, visionOS 26.4, and watchOS 26.4.

CVE-2026-28864

Apple addressed a vulnerability in iOS, iPadOS, macOS, visionOS, and watchOS by enhancing permissions checks to prevent local attackers from accessing users' Keychain items.

CVE-2026-28865

An authentication vulnerability in multiple Apple operating systems was addressed by improving state management to prevent attackers in privileged network positions from intercepting network traffic.

CVE-2026-28866

Multiple Apple operating systems including iOS 18.7.7, iPadOS 18.7.7, iOS 26.4, iPadOS 26.4, and various macOS versions addressed a vulnerability where improper symlink validation allowed apps to access sensitive user data.

CVE-2026-28867

A vulnerability allowing apps to potentially leak sensitive kernel state was fixed through improved authentication in multiple Apple operating systems including iOS 18.7.7, iPadOS 18.7.7, and macOS Sequoia 15.7.5.

CVE-2026-28868

A logging issue in multiple Apple operating systems including iOS, iPadOS, macOS, visionOS, and watchOS was fixed by improving data redaction to prevent apps from disclosing kernel memory.

CVE-2026-28870

An information leakage vulnerability allowing unauthorized access to sensitive user data was fixed through additional validation in iOS 26.4, iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, and watchOS 26.4.

CVE-2026-28871

A logic issue in Safari, iOS, iPadOS, and macOS was fixed through improved checks to prevent cross-site scripting attacks from malicious websites.

CVE-2026-28874

iOS 26.4 and iPadOS 26.4 addressed an issue where improved validation checks prevent remote attackers from causing unexpected app termination.

CVE-2026-28875

A buffer overflow vulnerability in iOS 26.4 and iPadOS 26.4 was fixed by implementing improved bounds checking to prevent remote denial-of-service attacks.

CVE-2026-28876

A parsing issue in directory path handling was fixed by improving path validation across multiple OS versions to prevent unauthorized app access to sensitive user data.

CVE-2026-28877

An authorization vulnerability allowing apps to potentially access sensitive user data was resolved by enhancing state management in iOS 26.4, iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, visionOS 26.4, and watchOS 26.4.

CVE-2026-28878

Apple addressed a privacy vulnerability that allowed apps to enumerate installed applications by removing sensitive data in updates to iOS 18.7.7, iPadOS 18.7.7, macOS Sonoma 14.8.5, and other operating systems.

CVE-2026-28879

A use-after-free vulnerability causing potential process crashes when handling malicious web content was fixed through improved memory management in multiple Apple operating systems including iOS, iPadOS, macOS, tvOS, visionOS, and watchOS.

CVE-2026-28880

Multiple Apple operating systems including iOS, iPadOS, macOS, and visionOS addressed a permissions issue by implementing additional restrictions to prevent apps from enumerating a user’s installed applications.

CVE-2026-28882

An issue allowing apps to enumerate a user's installed applications was resolved through enhanced verification mechanisms in iOS 26.4, iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, and watchOS 26.4.

CVE-2026-28886

A null pointer dereference vulnerability allowing a privileged network user to cause denial-of-service was fixed via improved input validation in multiple Apple operating systems including iOS, iPadOS, macOS, tvOS, visionOS, and watchOS.

CVE-2026-28894

A denial-of-service vulnerability in iOS 26.4, iPadOS 26.4, and multiple macOS versions was addressed by improved input validation to prevent remote attackers from causing service disruptions.

CVE-2026-28895

iOS and iPadOS 16.4 fixed a vulnerability allowing attackers with physical access to bypass biometrics-gated Protected Apps by using the passcode on devices with Stolen Device Protection enabled through improved verification checks.

References

URL

Category

	https://support.apple.com/en-us/126792	external
	https://support.apple.com/en-us/126793	external
	https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self
	https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-…	self

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Apple heeft meerdere kwetsbaarheden verholpen in iOS en iPadOS.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "De kwetsbaarheden omvatten verschillende problemen zoals onjuist padbeheer, geheugenbeheer, en onvoldoende validatie van invoer, die konden leiden tot ongeautoriseerde toegang tot gevoelige gegevens, onverwachte applicatie-terminaties, en andere beveiligingsrisico\u0027s. Aanvallers kunnen deze kwetsbaarheden misbruiken door bijvoorbeeld kwaadaardige webinhoud te verwerken of door gebruik te maken van onvoldoende beveiligde applicaties. De kwetsbaarheden zijn opgelost door verbeterde validatie- en beveiligingsmechanismen in de betrokken besturingssystemen.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Apple heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
        "title": "CWE-79"
      },
      {
        "category": "general",
        "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
        "title": "CWE-119"
      },
      {
        "category": "general",
        "text": "Heap-based Buffer Overflow",
        "title": "CWE-122"
      },
      {
        "category": "general",
        "text": "Out-of-bounds Read",
        "title": "CWE-125"
      },
      {
        "category": "general",
        "text": "Exposure of Sensitive Information to an Unauthorized Actor",
        "title": "CWE-200"
      },
      {
        "category": "general",
        "text": "Permission Issues",
        "title": "CWE-275"
      },
      {
        "category": "general",
        "text": "Improper Authentication",
        "title": "CWE-287"
      },
      {
        "category": "general",
        "text": "State Issues",
        "title": "CWE-371"
      },
      {
        "category": "general",
        "text": "Improper Resource Shutdown or Release",
        "title": "CWE-404"
      },
      {
        "category": "general",
        "text": "Use After Free",
        "title": "CWE-416"
      },
      {
        "category": "general",
        "text": "NULL Pointer Dereference",
        "title": "CWE-476"
      },
      {
        "category": "general",
        "text": "Insufficiently Protected Credentials",
        "title": "CWE-522"
      },
      {
        "category": "general",
        "text": "Insertion of Sensitive Information into Log File",
        "title": "CWE-532"
      },
      {
        "category": "general",
        "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
        "title": "CWE-601"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://support.apple.com/en-us/126792"
      },
      {
        "category": "external",
        "summary": "Reference",
        "url": "https://support.apple.com/en-us/126793"
      }
    ],
    "title": "Kwetsbaarheden verholpen in Apple iOS en iPadOS",
    "tracking": {
      "current_release_date": "2026-03-25T14:02:07.392994Z",
      "generator": {
        "date": "2025-08-04T16:30:00Z",
        "engine": {
          "name": "V.A.",
          "version": "1.3"
        }
      },
      "id": "NCSC-2026-0101",
      "initial_release_date": "2026-03-25T14:02:07.392994Z",
      "revision_history": [
        {
          "date": "2026-03-25T14:02:07.392994Z",
          "number": "1.0.0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-1"
                }
              }
            ],
            "category": "product_name",
            "name": "iOS"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "vers:unknown/*",
                "product": {
                  "name": "vers:unknown/*",
                  "product_id": "CSAFPID-2"
                }
              }
            ],
            "category": "product_name",
            "name": "iPadOS"
          }
        ],
        "category": "vendor",
        "name": "Apple"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-14524",
      "cwe": {
        "id": "CWE-522",
        "name": "Insufficiently Protected Credentials"
      },
      "notes": [
        {
          "category": "other",
          "text": "Insufficiently Protected Credentials",
          "title": "CWE-522"
        },
        {
          "category": "other",
          "text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
          "title": "CWE-601"
        },
        {
          "category": "description",
          "text": "A vulnerability in libcurl versions 7.33.0 to 8.17.0 causes OAuth2 bearer tokens to be unintentionally leaked during cross-protocol redirects involving IMAP, LDAP, POP3, or SMTP schemes, potentially exposing sensitive information.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-14524 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-14524.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-14524"
    },
    {
      "cve": "CVE-2025-43376",
      "notes": [
        {
          "category": "description",
          "text": "A logic issue affecting state management in multiple Apple OS versions was fixed to prevent remote attackers from viewing leaked DNS queries when Private Relay is enabled.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-43376 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43376.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-43376"
    },
    {
      "cve": "CVE-2025-43534",
      "notes": [
        {
          "category": "description",
          "text": "An improved validation fixed a path handling vulnerability in iOS 18.7.7, iPadOS 18.7.7, iOS 26.2, and iPadOS 26.2 that could allow a user with physical access to bypass Activation Lock.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-43534 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-43534.json"
        }
      ],
      "title": "CVE-2025-43534"
    },
    {
      "cve": "CVE-2025-64505",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "other",
          "text": "Out-of-bounds Read",
          "title": "CWE-125"
        },
        {
          "category": "description",
          "text": "Multiple vulnerabilities in libpng, including heap buffer overflows and over-reads in functions like png_do_quantize, affect various products including NetApp and Apple software, alongside a separate Oracle MySQL Workbench flaw allowing unauthorized data modification or denial of service.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2025-64505 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-64505.json"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-1",
            "CSAFPID-2"
          ]
        }
      ],
      "title": "CVE-2025-64505"
    },
    {
      "cve": "CVE-2026-20657",
      "notes": [
        {
          "category": "description",
          "text": "Improved memory handling in iOS 18.7.7, iPadOS 18.7.7, macOS Sequoia 15.7.5, and macOS Sonoma 14.8.5 fixed an issue where parsing a maliciously crafted file could cause unexpected app termination.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20657 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20657.json"
        }
      ],
      "title": "CVE-2026-20657"
    },
    {
      "cve": "CVE-2026-20665",
      "notes": [
        {
          "category": "description",
          "text": "Apple fixed a vulnerability in multiple operating systems and Safari versions 26.4 and iOS/iPadOS 18.7.7 where malicious web content could bypass Content Security Policy enforcement due to improper state management.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20665 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20665.json"
        }
      ],
      "title": "CVE-2026-20665"
    },
    {
      "cve": "CVE-2026-20668",
      "notes": [
        {
          "category": "description",
          "text": "A logging issue affecting iOS, iPadOS, macOS, and visionOS was fixed by enhancing data redaction to prevent apps from accessing sensitive user information.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20668 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20668.json"
        }
      ],
      "title": "CVE-2026-20668"
    },
    {
      "cve": "CVE-2026-20687",
      "notes": [
        {
          "category": "description",
          "text": "A use after free vulnerability in multiple Apple operating systems was fixed by improving memory management to prevent apps from causing unexpected system termination or writing to kernel memory.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20687 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20687.json"
        }
      ],
      "title": "CVE-2026-20687"
    },
    {
      "cve": "CVE-2026-20688",
      "notes": [
        {
          "category": "description",
          "text": "A path handling vulnerability allowing applications to potentially escape their sandbox was fixed through improved validation in iOS 26.4, iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, and visionOS 26.4.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20688 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20688.json"
        }
      ],
      "title": "CVE-2026-20688"
    },
    {
      "cve": "CVE-2026-20690",
      "notes": [
        {
          "category": "description",
          "text": "An out-of-bounds access vulnerability in Apple operating systems was fixed by improving bounds checking to prevent process termination caused by maliciously crafted audio streams.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20690 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20690.json"
        }
      ],
      "title": "CVE-2026-20690"
    },
    {
      "cve": "CVE-2026-20691",
      "notes": [
        {
          "category": "description",
          "text": "An authorization vulnerability in Safari 26.4 and related OS versions was resolved by enhancing state management to prevent malicious webpages from fingerprinting users.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20691 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20691.json"
        }
      ],
      "title": "CVE-2026-20691"
    },
    {
      "cve": "CVE-2026-20692",
      "notes": [
        {
          "category": "description",
          "text": "A privacy issue affecting user preferences for mail content handling, specifically the \u0027Hide IP Address\u0027 and \u0027Block All Remote Content\u0027 features, was fixed in iOS 26.4, iPadOS 26.4, and various macOS versions.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20692 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20692.json"
        }
      ],
      "title": "CVE-2026-20692"
    },
    {
      "cve": "CVE-2026-20698",
      "notes": [
        {
          "category": "description",
          "text": "A memory handling vulnerability in iOS 26.4, iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, and watchOS 26.4 could allow an app to cause unexpected system termination or kernel memory corruption, which was resolved through improved memory management.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-20698 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-20698.json"
        }
      ],
      "title": "CVE-2026-20698"
    },
    {
      "cve": "CVE-2026-28822",
      "notes": [
        {
          "category": "description",
          "text": "A type confusion vulnerability related to memory handling in multiple Apple operating systems could allow an attacker to cause unexpected application termination.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28822 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28822.json"
        }
      ],
      "title": "CVE-2026-28822"
    },
    {
      "cve": "CVE-2026-28833",
      "notes": [
        {
          "category": "description",
          "text": "A permissions issue allowing apps to enumerate a user\u2019s installed applications was fixed by implementing additional restrictions in iOS 26.4, iPadOS 26.4, macOS Tahoe 26.4, and visionOS 26.4.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28833 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28833.json"
        }
      ],
      "title": "CVE-2026-28833"
    },
    {
      "cve": "CVE-2026-28852",
      "notes": [
        {
          "category": "description",
          "text": "A stack overflow vulnerability allowing denial-of-service was fixed by improving input validation across multiple Apple operating systems including iOS, iPadOS, macOS, tvOS, visionOS, and watchOS.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28852 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28852.json"
        }
      ],
      "title": "CVE-2026-28852"
    },
    {
      "cve": "CVE-2026-28856",
      "notes": [
        {
          "category": "description",
          "text": "An authentication vulnerability allowing physical attackers to access sensitive user information on locked devices was fixed in iOS 26.4, iPadOS 26.4, visionOS 26.4, and watchOS 26.4.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28856 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28856.json"
        }
      ],
      "title": "CVE-2026-28856"
    },
    {
      "cve": "CVE-2026-28857",
      "notes": [
        {
          "category": "description",
          "text": "Improved memory handling in Safari 26.4, iOS 26.4, iPadOS 26.4, macOS Tahoe 26.4, and visionOS 26.4 fixed an issue where processing maliciously crafted web content could cause unexpected process crashes.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28857 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28857.json"
        }
      ],
      "title": "CVE-2026-28857"
    },
    {
      "cve": "CVE-2026-28858",
      "notes": [
        {
          "category": "description",
          "text": "A buffer overflow vulnerability in iOS 26.4 and iPadOS 26.4 was fixed by improved bounds checking to prevent remote system termination or kernel memory corruption.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28858 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28858.json"
        }
      ],
      "title": "CVE-2026-28858"
    },
    {
      "cve": "CVE-2026-28859",
      "notes": [
        {
          "category": "description",
          "text": "A memory handling vulnerability in Safari 26.4 and related OS versions was fixed, preventing malicious websites from processing restricted web content outside the sandbox environment.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28859 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28859.json"
        }
      ],
      "title": "CVE-2026-28859"
    },
    {
      "cve": "CVE-2026-28861",
      "notes": [
        {
          "category": "description",
          "text": "A logic issue in state management was fixed across multiple Apple operating systems to prevent malicious websites from accessing script message handlers intended for other origins.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28861 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28861.json"
        }
      ],
      "title": "CVE-2026-28861"
    },
    {
      "cve": "CVE-2026-28863",
      "notes": [
        {
          "category": "description",
          "text": "A permissions issue allowing apps to fingerprint users was fixed by adding restrictions in iOS 26.4, iPadOS 26.4, tvOS 26.4, visionOS 26.4, and watchOS 26.4.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28863 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28863.json"
        }
      ],
      "title": "CVE-2026-28863"
    },
    {
      "cve": "CVE-2026-28864",
      "notes": [
        {
          "category": "description",
          "text": "Apple addressed a vulnerability in iOS, iPadOS, macOS, visionOS, and watchOS by enhancing permissions checks to prevent local attackers from accessing users\u0027 Keychain items.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28864 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28864.json"
        }
      ],
      "title": "CVE-2026-28864"
    },
    {
      "cve": "CVE-2026-28865",
      "notes": [
        {
          "category": "description",
          "text": "An authentication vulnerability in multiple Apple operating systems was addressed by improving state management to prevent attackers in privileged network positions from intercepting network traffic.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28865 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28865.json"
        }
      ],
      "title": "CVE-2026-28865"
    },
    {
      "cve": "CVE-2026-28866",
      "notes": [
        {
          "category": "description",
          "text": "Multiple Apple operating systems including iOS 18.7.7, iPadOS 18.7.7, iOS 26.4, iPadOS 26.4, and various macOS versions addressed a vulnerability where improper symlink validation allowed apps to access sensitive user data.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28866 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28866.json"
        }
      ],
      "title": "CVE-2026-28866"
    },
    {
      "cve": "CVE-2026-28867",
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability allowing apps to potentially leak sensitive kernel state was fixed through improved authentication in multiple Apple operating systems including iOS 18.7.7, iPadOS 18.7.7, and macOS Sequoia 15.7.5.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28867 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28867.json"
        }
      ],
      "title": "CVE-2026-28867"
    },
    {
      "cve": "CVE-2026-28868",
      "notes": [
        {
          "category": "description",
          "text": "A logging issue in multiple Apple operating systems including iOS, iPadOS, macOS, visionOS, and watchOS was fixed by improving data redaction to prevent apps from disclosing kernel memory.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28868 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28868.json"
        }
      ],
      "title": "CVE-2026-28868"
    },
    {
      "cve": "CVE-2026-28870",
      "notes": [
        {
          "category": "description",
          "text": "An information leakage vulnerability allowing unauthorized access to sensitive user data was fixed through additional validation in iOS 26.4, iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, and watchOS 26.4.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28870 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28870.json"
        }
      ],
      "title": "CVE-2026-28870"
    },
    {
      "cve": "CVE-2026-28871",
      "notes": [
        {
          "category": "description",
          "text": "A logic issue in Safari, iOS, iPadOS, and macOS was fixed through improved checks to prevent cross-site scripting attacks from malicious websites.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28871 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28871.json"
        }
      ],
      "title": "CVE-2026-28871"
    },
    {
      "cve": "CVE-2026-28874",
      "notes": [
        {
          "category": "description",
          "text": "iOS 26.4 and iPadOS 26.4 addressed an issue where improved validation checks prevent remote attackers from causing unexpected app termination.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28874 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28874.json"
        }
      ],
      "title": "CVE-2026-28874"
    },
    {
      "cve": "CVE-2026-28875",
      "notes": [
        {
          "category": "description",
          "text": "A buffer overflow vulnerability in iOS 26.4 and iPadOS 26.4 was fixed by implementing improved bounds checking to prevent remote denial-of-service attacks.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28875 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28875.json"
        }
      ],
      "title": "CVE-2026-28875"
    },
    {
      "cve": "CVE-2026-28876",
      "notes": [
        {
          "category": "description",
          "text": "A parsing issue in directory path handling was fixed by improving path validation across multiple OS versions to prevent unauthorized app access to sensitive user data.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28876 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28876.json"
        }
      ],
      "title": "CVE-2026-28876"
    },
    {
      "cve": "CVE-2026-28877",
      "notes": [
        {
          "category": "description",
          "text": "An authorization vulnerability allowing apps to potentially access sensitive user data was resolved by enhancing state management in iOS 26.4, iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, visionOS 26.4, and watchOS 26.4.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28877 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28877.json"
        }
      ],
      "title": "CVE-2026-28877"
    },
    {
      "cve": "CVE-2026-28878",
      "notes": [
        {
          "category": "description",
          "text": "Apple addressed a privacy vulnerability that allowed apps to enumerate installed applications by removing sensitive data in updates to iOS 18.7.7, iPadOS 18.7.7, macOS Sonoma 14.8.5, and other operating systems.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28878 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28878.json"
        }
      ],
      "title": "CVE-2026-28878"
    },
    {
      "cve": "CVE-2026-28879",
      "notes": [
        {
          "category": "description",
          "text": "A use-after-free vulnerability causing potential process crashes when handling malicious web content was fixed through improved memory management in multiple Apple operating systems including iOS, iPadOS, macOS, tvOS, visionOS, and watchOS.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28879 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28879.json"
        }
      ],
      "title": "CVE-2026-28879"
    },
    {
      "cve": "CVE-2026-28880",
      "notes": [
        {
          "category": "description",
          "text": "Multiple Apple operating systems including iOS, iPadOS, macOS, and visionOS addressed a permissions issue by implementing additional restrictions to prevent apps from enumerating a user\u2019s installed applications.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28880 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28880.json"
        }
      ],
      "title": "CVE-2026-28880"
    },
    {
      "cve": "CVE-2026-28882",
      "notes": [
        {
          "category": "description",
          "text": "An issue allowing apps to enumerate a user\u0027s installed applications was resolved through enhanced verification mechanisms in iOS 26.4, iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, and watchOS 26.4.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28882 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28882.json"
        }
      ],
      "title": "CVE-2026-28882"
    },
    {
      "cve": "CVE-2026-28886",
      "notes": [
        {
          "category": "description",
          "text": "A null pointer dereference vulnerability allowing a privileged network user to cause denial-of-service was fixed via improved input validation in multiple Apple operating systems including iOS, iPadOS, macOS, tvOS, visionOS, and watchOS.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28886 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28886.json"
        }
      ],
      "title": "CVE-2026-28886"
    },
    {
      "cve": "CVE-2026-28894",
      "notes": [
        {
          "category": "description",
          "text": "A denial-of-service vulnerability in iOS 26.4, iPadOS 26.4, and multiple macOS versions was addressed by improved input validation to prevent remote attackers from causing service disruptions.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28894 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28894.json"
        }
      ],
      "title": "CVE-2026-28894"
    },
    {
      "cve": "CVE-2026-28895",
      "notes": [
        {
          "category": "description",
          "text": "iOS and iPadOS 16.4 fixed a vulnerability allowing attackers with physical access to bypass biometrics-gated Protected Apps by using the passcode on devices with Stolen Device Protection enabled through improved verification checks.",
          "title": "Summary"
        },
        {
          "category": "general",
          "text": "CVSS:4.0/AV:P/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
          "title": "CVSSV4"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1",
          "CSAFPID-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2026-28895 | NCSC-NL Website",
          "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28895.json"
        }
      ],
      "title": "CVE-2026-28895"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-43376 (GCVE-0-2025-43376)

FKIE_CVE-2025-43376

CERTFR-2026-AVI-0355

Solutions

WID-SEC-W-2025-2058

GHSA-8H7R-5Q86-PW9X

NCSC-2026-0101

Tags

Sightings

Nomenclature