macOS Sequoia
by Apple Inc.
CVEs (390)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-28894 | 0.00 | — | 0.01 | Mar 25, 2026 | A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. A remote attacker may be able to cause a denial-of-service. | |||
| CVE-2026-20607 | 0.00 | — | 0.00 | Mar 25, 2026 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access protected user data. | |||
| CVE-2026-28827 | 0.00 | — | 0.00 | Mar 25, 2026 | A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to break out of its sandbox. | |||
| CVE-2026-28831 | 0.00 | — | 0.00 | Mar 25, 2026 | An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data. | |||
| CVE-2026-20688 | 0.00 | — | 0.00 | Mar 25, 2026 | A path handling issue was addressed with improved validation. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4. An app may be able to break out of its sandbox. | |||
| CVE-2026-28892 | 0.00 | — | 0.00 | Mar 25, 2026 | A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to modify protected parts of the file system. | |||
| CVE-2026-28867 | 0.00 | — | 0.00 | Mar 25, 2026 | This issue was addressed with improved authentication. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to leak sensitive kernel state. | |||
| CVE-2026-28888 | 0.00 | — | 0.00 | Mar 25, 2026 | A race condition was addressed with improved state handling. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to gain root privileges. | |||
| CVE-2026-20651 | 0.00 | — | 0.00 | Mar 25, 2026 | A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to access sensitive user data. | |||
| CVE-2026-20662 | 0.00 | — | 0.00 | Feb 11, 2026 | An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3. An attacker with physical access to a locked device may be able to view sensitive user information. | |||
| CVE-2026-20619 | 0.00 | — | 0.00 | Feb 11, 2026 | A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3. An app may be able to access sensitive user data. | |||
| CVE-2024-44210 | 0.00 | — | 0.00 | Jan 16, 2026 | This issue was addressed with improved permissions checking. This issue is fixed in macOS Sequoia 15.1. An app may be able to access user-sensitive data. | |||
| CVE-2025-43390 | 0.00 | — | 0.00 | Nov 4, 2025 | A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1. An app may be able to access user-sensitive data. | |||
| CVE-2025-43387 | 0.00 | — | 0.00 | Nov 4, 2025 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1. A malicious app may be able to gain root privileges. | |||
| CVE-2025-43377 | 0.00 | — | 0.00 | Nov 4, 2025 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, macOS Sequoia 15.7.2, macOS Tahoe 26.1. An app may be able to cause a denial-of-service. | |||
| CVE-2025-43399 | 0.00 | — | 0.01 | Nov 4, 2025 | This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, macOS Sequoia 15.7.2, macOS Tahoe 26.1. An app may be able to access protected user data. | |||
| CVE-2025-43481 | 0.00 | — | 0.00 | Nov 4, 2025 | This issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1. An app may be able to break out of its sandbox. | |||
| CVE-2025-43281 | 0.00 | — | 0.00 | Oct 15, 2025 | The issue was addressed with improved authentication. This issue is fixed in macOS Sequoia 15.6. A local attacker may be able to elevate their privileges. | |||
| CVE-2024-54568 | 0.00 | — | 0.00 | Aug 29, 2025 | The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2. Parsing a maliciously crafted file may lead to an unexpected app termination. | |||
| CVE-2024-44271 | 0.00 | — | 0.00 | Aug 29, 2025 | The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2. An app may be able to record the screen without an indicator. |
- CVE-2026-28894Mar 25, 2026risk 0.00cvss —epss 0.01
A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. A remote attacker may be able to cause a denial-of-service.
- CVE-2026-20607Mar 25, 2026risk 0.00cvss —epss 0.00
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access protected user data.
- CVE-2026-28827Mar 25, 2026risk 0.00cvss —epss 0.00
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to break out of its sandbox.
- CVE-2026-28831Mar 25, 2026risk 0.00cvss —epss 0.00
An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data.
- CVE-2026-20688Mar 25, 2026risk 0.00cvss —epss 0.00
A path handling issue was addressed with improved validation. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4. An app may be able to break out of its sandbox.
- CVE-2026-28892Mar 25, 2026risk 0.00cvss —epss 0.00
A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to modify protected parts of the file system.
- CVE-2026-28867Mar 25, 2026risk 0.00cvss —epss 0.00
This issue was addressed with improved authentication. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to leak sensitive kernel state.
- CVE-2026-28888Mar 25, 2026risk 0.00cvss —epss 0.00
A race condition was addressed with improved state handling. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to gain root privileges.
- CVE-2026-20651Mar 25, 2026risk 0.00cvss —epss 0.00
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to access sensitive user data.
- CVE-2026-20662Feb 11, 2026risk 0.00cvss —epss 0.00
An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3. An attacker with physical access to a locked device may be able to view sensitive user information.
- CVE-2026-20619Feb 11, 2026risk 0.00cvss —epss 0.00
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3. An app may be able to access sensitive user data.
- CVE-2024-44210Jan 16, 2026risk 0.00cvss —epss 0.00
This issue was addressed with improved permissions checking. This issue is fixed in macOS Sequoia 15.1. An app may be able to access user-sensitive data.
- CVE-2025-43390Nov 4, 2025risk 0.00cvss —epss 0.00
A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1. An app may be able to access user-sensitive data.
- CVE-2025-43387Nov 4, 2025risk 0.00cvss —epss 0.00
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1. A malicious app may be able to gain root privileges.
- CVE-2025-43377Nov 4, 2025risk 0.00cvss —epss 0.00
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, macOS Sequoia 15.7.2, macOS Tahoe 26.1. An app may be able to cause a denial-of-service.
- CVE-2025-43399Nov 4, 2025risk 0.00cvss —epss 0.01
This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, macOS Sequoia 15.7.2, macOS Tahoe 26.1. An app may be able to access protected user data.
- CVE-2025-43481Nov 4, 2025risk 0.00cvss —epss 0.00
This issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1. An app may be able to break out of its sandbox.
- CVE-2025-43281Oct 15, 2025risk 0.00cvss —epss 0.00
The issue was addressed with improved authentication. This issue is fixed in macOS Sequoia 15.6. A local attacker may be able to elevate their privileges.
- CVE-2024-54568Aug 29, 2025risk 0.00cvss —epss 0.00
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2. Parsing a maliciously crafted file may lead to an unexpected app termination.
- CVE-2024-44271Aug 29, 2025risk 0.00cvss —epss 0.00
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2. An app may be able to record the screen without an indicator.
Page 16 of 20