apple

8,635 tracked vulnerabilities.

CVE-2026-28889 MEDIUM
Apple Xcode <26.4 - Privilege Escalation
Mar 25, 2026
CVSS 6.2
EPSS 0.00
CVE-2026-28888 MEDIUM
macOS <14.8.5 - Privilege Escalation
Mar 25, 2026
CVSS 5.1
EPSS 0.00
CVE-2026-28886 MEDIUM
iOS and iPadOS < 18.7.7 - Denial of Service via Null Pointer Dereference
Mar 25, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-28882 MEDIUM
iOS and iPadOS < 18.7.9 and < 26.4 - Unauthenticated App Enumeration
Mar 25, 2026
CVSS 4.0
EPSS 0.00
CVE-2026-28881 MEDIUM
Apple macOS <26.4 - Info Disclosure
Mar 25, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-28880 MEDIUM
iOS and iPadOS < 18.7.7 - Unauthenticated App Enumeration via Permissions Issue
Mar 25, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-28879 MEDIUM
iOS and iPadOS < 18.7.7 - Use-After-Free
Mar 25, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-28878 MEDIUM
iOS and iPadOS < 18.7.7 - Unauthorized App Enumeration
Mar 25, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-28877 MEDIUM
iOS/iPadOS <18.7.9, macOS <15.7.5/<14.8.5, visionOS/watchOS <26.4 - Sensitive Data Exposure
Mar 25, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-28876 HIGH
iOS and iPadOS < 18.7.7 - Unprotected User Data Exposure via Path Handling Issue
Mar 25, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-28875 HIGH
iOS and iPadOS < 26.4 - Denial of Service via Buffer Overflow
Mar 25, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-28874 HIGH
iOS and iPadOS < 26.4 - Denial of Service
Mar 25, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-28871 MEDIUM
Safari < 26.4 - Cross-Site Scripting via Maliciously Crafted Website
Mar 25, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-28870 MEDIUM
iOS and iPadOS < 18.7.9 and < 26.4 - Unprotected User Data Exposure
Mar 25, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-28868 MEDIUM
iOS and iPadOS < 18.7.7 - Sensitive Information Disclosure via Log File Insertion
Mar 25, 2026
CVSS 5.5
EPSS 0.00
CVE-2026-28867 MEDIUM
iOS and iPadOS < 18.7.7 - Unauthenticated Kernel State Leak
Mar 25, 2026
CVSS 6.2
EPSS 0.00
CVE-2026-28866 MEDIUM
iOS and iPadOS < 18.7.7 - Unauthenticated Sensitive Data Exposure via Symlink Validation Bypass
Mar 25, 2026
CVSS 6.2
EPSS 0.00
CVE-2026-28865 HIGH
iOS and iPadOS < 18.7.7 - Authentication Bypass via Improved State Management
Mar 25, 2026
CVSS 7.5
EPSS 0.00
CVE-2026-28864 LOW
iOS and iPadOS < 18.7.7 - Incorrect Authorization
Mar 25, 2026
CVSS 3.3
EPSS 0.00
CVE-2026-28863 MEDIUM
iOS and iPadOS < 26.4 - Unauthorized User Fingerprinting via Permissions Issue
Mar 25, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-28862 MEDIUM
macOS < 14.8.5, < 15.7.5, < 26.4 - Unprotected User Data Exposure via Log Entry Redaction
Mar 25, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-28861 MEDIUM
Safari < 26.4 - Cross-Site Scripting via Script Message Handler Origin Confusion
Mar 25, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-28859 MEDIUM
Safari < 26.4 - Out-of-bounds Read
Mar 25, 2026
CVSS 4.3
EPSS 0.00
CVE-2026-28858 CRITICAL
iOS and iPadOS < 26.4 - Remote Denial of Service and Memory Corruption via Buffer Overflow
Mar 25, 2026
CVSS 9.8
EPSS 0.00
CVE-2026-28857 MEDIUM
Safari < 26.4 - Out-of-bounds Read via Malicious Web Content
Mar 25, 2026
CVSS 6.5
EPSS 0.00
Products
iphone_os 4,014 mac_os_x 3,210 macos 2,696 tvos 2,004 ipados 1,897 watchos 1,778 safari 1,598 macOS 1,296 itunes 922 iOS and iPadOS 762 mac_os_x_server 655 visionOS 456 icloud 449 watchOS 434 visionos 433 tvOS 402 webkit 258 quicktime 246 Safari 180 iPadOS 131 xcode 95 ipad_os 89 cups 56 apple_tv 36 darwin_streaming_server 27 ipod_touch 18 Xcode 16 quicktime_streaming_server 16 airport_base_station_firmware 11 os_x_server 11
Quick Filters
Critical CVEs With Exploits In CISA KEV