CVE-2026-28954

HIGH

iOS and iPadOS < 18.7.9 and macOS < 14.8.7, < 15.7.7, < 26.5 - File Quarantine Bypass via Malicious Disk Image

Title source: llm
STIX 2.1

Description

A file quarantine bypass was addressed with additional checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A maliciously crafted disk image may bypass Gatekeeper checks.

References (4)

Core 4

Scores

CVSS v3 7.5
EPSS 0.0004
EPSS Percentile 13.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-290
Status published
Products (7)
Apple/iOS and iPadOS < 18.7.9
apple/ipados < 18.7.9
apple/iphone_os < 18.7.9
Apple/macOS < 14.8.7
Apple/macOS < 15.7.7
Apple/macOS < 26.5
apple/macos 14.0 - 14.8.7
Published May 11, 2026
Tracked Since May 12, 2026