macOS 26

[Apple SQLite] Processing a file may lead to memory corruption

[Apple Perl] Multiple issues in Perl

The issue was addressed with improved bounds checks. This issue is fixed in Keynote 15.1, iOS 26 and iPadOS 26, macOS T…

[Apple WebKit] A remote attacker may be able to view leaked DNS queries with Private Relay turned on

[Apple ImageIO] Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process m…

[Apple AppleMobileFileIntegrity] An app may be able to bypass launch constraint protections and execute malicious code …

[Apple CoreMedia] An app may be able to access sensitive user data

[Apple MallocStackLogging] An app may be able to access sensitive user data

[Apple AppleMobileFileIntegrity] An app may be able to access sensitive user data

[Apple Audio] A malicious app may be able to read kernel memory

[Apple CoreMedia] Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process…

[Apple Ruby] Processing a file may lead to a denial-of-service or potentially disclose memory contents

[Apple CoreServices] An app may be able to override MDM-enforced settings from profiles

[Apple Spotlight] An app may be able to access sensitive user data

[Apple IOKit] An app may be able to access sensitive user data

[Apple SoftwareUpdate] An app may be able to gain elevated privileges

[Apple Apple Online Store Kit] An app may be able to access protected user data

[Apple Printing] An app may be able to access protected user data

[Apple Foundation] An app may be able to access protected user data

[Apple FaceTime] Incoming FaceTime calls can appear or be accepted on a locked macOS device, even with notifications di…

[Apple Spell Check] An app may be able to access sensitive user data

[Apple RemoteViewServices] An app may be able to break out of its sandbox

[Apple Music] An app may be able to access user-sensitive data

[Apple AirPort] An app may be able to read sensitive location information

[Apple Trusted Device] USB Restricted Mode may not be applied to accessories connected during boot

[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected Safari crash

[Apple Notification Center] An app may be able to access user-sensitive data

[Apple GPU Drivers] An app may be able to cause unexpected system termination

[Apple AppSandbox] An app may be able to access protected user data

[Apple SharedFileList] An app may be able to break out of its sandbox

[Apple ImageIO] Processing a maliciously crafted image may corrupt process memory

[Apple Archive Utility] An app may be able to bypass Privacy preferences

[Apple SharedFileList] An app may be able to modify protected parts of the file system

[Apple SharedFileList] An app may be able to access sensitive user data

[Apple libc] An app may be able to cause a denial-of-service

[Apple System Settings] An app may bypass Gatekeeper checks

[Apple Power Management] An app may be able to cause a denial-of-service

[Apple PackageKit] An app may be able to gain root privileges

[Apple libc] An app may be able to cause a denial-of-service

[Apple Notification Center] An app may be able to access contact info related to notifications in Notification Center

[Apple IOHIDFamily] An app may be able to cause unexpected system termination

[Apple Bluetooth] An app may be able to access sensitive user data

[Apple StorageKit] An app may be able to gain root privileges

[Apple CoreServices] A malicious app may be able to access private information

[Apple Bluetooth] An app may be able to access sensitive user data

[Apple Touch Bar Controls] An app may be able to access sensitive user data

[Apple WindowServer] An app may be able to trick a user into copying sensitive data to the pasteboard

[Apple Touch Bar] An app may be able to access protected user data

[Apple AMD] An app may be able to cause unexpected system termination

[Apple StorageKit] An app may be able to access sensitive user data

[Apple MigrationKit] An app may be able to access user-sensitive data

[Apple DiskArbitration] A malicious app may be able to gain root privileges

[Apple AppleMobileFileIntegrity] An app may be able to access sensitive user data

[Apple Sandbox] An app with root privileges may be able to access private information

[Apple MediaLibrary] An app may be able to access protected user data

[Apple AppKit] An app may be able to access protected user data

[Apple CloudKit] An app may be able to fingerprint the user

[Apple Icons] An app may be able to access sensitive user data

[Apple GPU Drivers] An app may be able to access sensitive user data

[Apple Safari] Visiting a malicious website may lead to address bar spoofing

[Apple Sandbox] An app may be able to access sensitive user data

[Apple Sandbox] An app may be able to break out of its sandbox

[Apple ATS] An app may be able to break out of its sandbox

[Apple AppleMobileFileIntegrity] An app may be able to access protected user data

[Apple Security Initialization] An app may be able to break out of its sandbox

[Apple Spotlight] An app may be able to gain root privileges

[Apple AppleMobileFileIntegrity] An app may be able to break out of its sandbox

[Apple Storage] An app may be able to gain root privileges

[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash

[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash

[Apple Apple Neural Engine] An app may be able to cause unexpected system termination

[Apple Kernel] An app may be able to access sensitive user data

[Apple Audio] Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process mem…

[Apple System] An input validation issue was addressed

[Apple CoreAudio] Processing a maliciously crafted video file may lead to unexpected app termination

[Apple Libinfo] Processing a maliciously crafted string may lead to heap corruption

[Apple Bluetooth] An app may be able to access sensitive user data

[Apple MobileStorageMounter] An app may be able to cause a denial-of-service

[Apple WebKit] A website may be able to access sensor information without user consent

[Apple Call History] An app may be able to fingerprint the user

[Apple Shortcuts] A shortcut may be able to bypass sandbox restrictions

[Apple Kernel] A UDP server socket bound to a local interface may become bound to all interfaces

[Apple IOMobileFrameBuffer] An app may be able to disclose coprocessor memory

[Apple Siri] An app may be able to access protected user data

[Apple WebKit Process Model] Processing maliciously crafted web content may lead to an unexpected Safari crash

[Apple SharedFileList] An app may be able to access protected user data

[Apple WebKit] Processing maliciously crafted web content may lead to memory corruption