CVE-2026-28909

• Apple Inc./Container

  cpe:2.3:a:apple:container:*:*:*:*:*:swift:*:*

  Range: <0.12.3

No patches discovered yet.

AI mechanics synthesis has not run for this CVE yet.

• github.com/apple/container/security/advisories/GHSA-m5rp-xcpf-r8m7nvdVendor Advisory

• Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own
  BleepingComputer · May 15, 2026
• Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026
  BleepingComputer · May 14, 2026
• Fragnesia: New Linux kernel LPE bug was spawned by Dirty Frag patch (CVE-2026-46300)
  Help Net Security · May 14, 2026
• Browser Run: now running on Cloudflare Containers, it’s faster and more scalable
  Cloudflare Blog · May 13, 2026
• Fedora Hummingbird brings the container security model to a Linux host OS
  Help Net Security · May 12, 2026
• 20 Leaders Who Built the CISO Era: 2 Decades of Change
  Dark Reading · May 12, 2026
• Copy.Fail Linux Vulnerability
  Schneier on Security · May 12, 2026
• Red Hat extends open source technology into space
  Help Net Security · May 11, 2026
• ⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More
  The Hacker News · May 11, 2026
• Dirty Frag: Linux kernel hit by second major security flaw in two weeks
  The Record · May 11, 2026
• New ‘Dirty Frag’ Linux Vulnerability Possibly Exploited in Attacks
  SecurityWeek · May 11, 2026
• Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions
  The Hacker News · May 8, 2026
• After Replacing TeamPCP Malware, 'PCPJack' Steals Cloud Secrets
  Dark Reading · May 7, 2026
• PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems
  The Hacker News · May 7, 2026
• Red Hat Enterprise Linux adds post-quantum security and AI-driven automation in latest releases
  Help Net Security · May 7, 2026
• Insights into the clustering and reuse of phone numbers in scam emails
  Cisco Talos Intelligence · May 6, 2026
• Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE
  The Hacker News · May 5, 2026
• How the Story of a USB Penetration Test Went Viral
  Dark Reading · May 5, 2026
• Shadow IT has given way to shadow AI. Enter AI-BOMs
  The Register Security · May 4, 2026
• Shadow IT has given way to shadow AI. Enter AI-BOMs
  The Register Security · May 4, 2026
• ⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More
  The Hacker News · May 4, 2026
• Exploitation of ‘Copy Fail’ Linux Vulnerability Begins
  SecurityWeek · May 4, 2026
• CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV
  The Hacker News · May 3, 2026
• Introducing Dynamic Workflows: durable execution that follows the tenant
  Cloudflare Blog · May 1, 2026
• New infosec products of the month: April 2026
  Help Net Security · May 1, 2026
• Another AI-Assisted Software Scan Yields 9-Year-Old Linux Bug
  Dark Reading · Apr 30, 2026
• Great responsibility, without great power
  Cisco Talos Intelligence · Apr 30, 2026
• Copy Fail (CVE-2026-31431): Frequently asked questions about Linux kernel privilege escalation vulnerability
  Tenable Blog · Apr 30, 2026
• Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431)
  Help Net Security · Apr 30, 2026
• New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions
  The Hacker News · Apr 30, 2026
• Linux cryptographic code flaw offers fast route to root
  The Register Security · Apr 30, 2026
• Linux cryptographic code flaw offers fast route to root
  The Register Security · Apr 30, 2026
• GitHub: Zounds, a genuinely helpful AI-assisted bug report that isn't total slop! Here, Wiz, take this wad of cash
  The Register Security · Apr 29, 2026
• GitHub: Zounds, a genuinely helpful AI-assisted bug report that isn't total slop! Here, Wiz, take this wad of cash
  The Register Security · Apr 29, 2026
• VECT: Ransomware by design, Wiper by accident
  Check Point Research · Apr 28, 2026
• Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software
  The Hacker News · Apr 25, 2026
• AI is Changing Vulnerability Discovery and your Software Supply Chain Strategy has to Change with it
  Rapid7 Blog · Apr 23, 2026
• ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories
  The Hacker News · Apr 23, 2026
• ZDI-26-299: Docker Desktop Enhanced Container Isolation Exposed Dangerous Function Local Privilege Escalation Vulnerability
  Zero Day Initiative · Apr 23, 2026
• DPRK Fake Job Scams Self-Propagate in 'Contagious Interview'
  Dark Reading · Apr 22, 2026
• Cloudflare’s AI Platform: an inference layer designed for agents
  Cloudflare Blog · Apr 16, 2026
• ZDI-26-258: (0Day) Docker Desktop extension-manager Exposed Dangerous Function Local Privilege Escalation Vulnerability
  Zero Day Initiative · Apr 15, 2026
• ZDI-26-261: (0Day) Docker Desktop credentialHelper Directory Traversal Privilege Escalation Vulnerability
  Zero Day Initiative · Apr 15, 2026
• ZDI-26-260: (0Day) Docker Desktop System Editor Uncontrolled Search Path Element Privilege Escalation Vulnerability
  Zero Day Initiative · Apr 15, 2026
• ZDI-26-259: (0Day) Docker Desktop cli-plugins Incorrect Permission Assignment Local Privilege Escalation Vulnerability
  Zero Day Initiative · Apr 15, 2026
• Patch Tuesday - April 2026
  Rapid7 Blog · Apr 14, 2026
• ChatGPT Data Leakage via a Hidden Outbound Channel in the Code Execution Runtime
  Check Point Research · Mar 30, 2026
• AI Threat Landscape Digest January-February 2026
  Check Point Research · Mar 29, 2026
• Falcon AIDR Detects Threats at the Prompt Layer in Kubernetes AI Applications
  CrowdStrike Blog