Export limit exceeded: 13544 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (13544 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-32016 | 2 Apple, Openclaw | 2 Macos, Openclaw | 2026-03-25 | 7 High |
| OpenClaw versions prior to 2026.2.22 on macOS contain a path validation bypass vulnerability in the exec-approval allowlist mode that allows local attackers to execute unauthorized binaries by exploiting basename-only allowlist entries. Attackers can execute same-name local binaries ./echo without approval when security=allowlist and ask=on-miss are configured, bypassing intended path-based policy restrictions. | ||||
| CVE-2026-20643 | 1 Apple | 4 Ios, Ipados, Iphone Os and 1 more | 2026-03-25 | 5.4 Medium |
| A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS, iPadOS, and macOS, Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may bypass Same Origin Policy. | ||||
| CVE-2026-20651 | 1 Apple | 1 Macos | 2026-03-25 | N/A |
| A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to access sensitive user data. | ||||
| CVE-2026-20684 | 1 Apple | 1 Macos | 2026-03-25 | N/A |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.4. An app may bypass Gatekeeper checks. | ||||
| CVE-2026-28871 | 1 Apple | 3 Ios And Ipados, Macos, Safari | 2026-03-25 | N/A |
| A logic issue was addressed with improved checks. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4. Visiting a maliciously crafted website may lead to a cross-site scripting attack. | ||||
| CVE-2026-28826 | 1 Apple | 1 Macos | 2026-03-25 | N/A |
| A logic issue was addressed with improved restrictions. This issue is fixed in macOS Tahoe 26.4. A malicious app may be able to break out of its sandbox. | ||||
| CVE-2026-20692 | 1 Apple | 2 Ios And Ipados, Macos | 2026-03-25 | N/A |
| A privacy issue was addressed with improved handling of user preferences. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. "Hide IP Address" and "Block All Remote Content" may not apply to all mail content. | ||||
| CVE-2026-28888 | 1 Apple | 1 Macos | 2026-03-25 | N/A |
| A race condition was addressed with improved state handling. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to gain root privileges. | ||||
| CVE-2026-28867 | 1 Apple | 5 Ios And Ipados, Macos, Tvos and 2 more | 2026-03-25 | N/A |
| This issue was addressed with improved authentication. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to leak sensitive kernel state. | ||||
| CVE-2026-28892 | 1 Apple | 1 Macos | 2026-03-25 | N/A |
| A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to modify protected parts of the file system. | ||||
| CVE-2026-20688 | 1 Apple | 3 Ios And Ipados, Macos, Visionos | 2026-03-25 | N/A |
| A path handling issue was addressed with improved validation. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4. An app may be able to break out of its sandbox. | ||||
| CVE-2026-20670 | 1 Apple | 1 Macos | 2026-03-25 | N/A |
| An authorization issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to access sensitive user data. | ||||
| CVE-2026-20631 | 1 Apple | 1 Macos | 2026-03-25 | N/A |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.4. A user may be able to elevate privileges. | ||||
| CVE-2026-28893 | 1 Apple | 1 Macos | 2026-03-25 | N/A |
| A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Tahoe 26.4. A document may be written to a temporary file when using print preview. | ||||
| CVE-2026-28889 | 1 Apple | 1 Xcode | 2026-03-25 | N/A |
| A permissions issue was addressed with additional restrictions. This issue is fixed in Xcode 26.4. An app may be able to read arbitrary files as root. | ||||
| CVE-2026-28866 | 1 Apple | 2 Ios And Ipados, Macos | 2026-03-25 | N/A |
| This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data. | ||||
| CVE-2026-20693 | 1 Apple | 1 Macos | 2026-03-25 | N/A |
| This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An attacker with root privileges may be able to delete protected system files. | ||||
| CVE-2026-28831 | 1 Apple | 1 Macos | 2026-03-25 | N/A |
| An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data. | ||||
| CVE-2026-28827 | 1 Apple | 1 Macos | 2026-03-25 | N/A |
| A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to break out of its sandbox. | ||||
| CVE-2026-28870 | 1 Apple | 5 Ios And Ipados, Macos, Tvos and 2 more | 2026-03-25 | N/A |
| An information leakage was addressed with additional validation. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to access sensitive user data. | ||||