{"cves":[{"cve_id":"CVE-2026-6318","summary":"Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00128,"ranking_epss":0.3218,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","https://issues.chromium.org/issues/495996858"],"published_time":"2026-04-15T20:16:42","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-6313","summary":"Insufficient policy enforcement in CORS in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)","cvss":3.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.1,"cvss_v4":null,"epss":9e-05,"ranking_epss":0.00886,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","https://issues.chromium.org/issues/498765210"],"published_time":"2026-04-15T20:16:41","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-6314","summary":"Out of bounds write in GPU in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)","cvss":8.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.3,"cvss_v4":null,"epss":0.00026,"ranking_epss":0.07258,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","https://issues.chromium.org/issues/498782145"],"published_time":"2026-04-15T20:16:41","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-6316","summary":"Use after free in Forms in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00128,"ranking_epss":0.3218,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","https://issues.chromium.org/issues/499384399"],"published_time":"2026-04-15T20:16:41","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-6317","summary":"Use after free in Cast in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00128,"ranking_epss":0.3218,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","https://issues.chromium.org/issues/500091052"],"published_time":"2026-04-15T20:16:41","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-6308","summary":"Out of bounds read in Media in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00094,"ranking_epss":0.26209,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","https://issues.chromium.org/issues/497412658"],"published_time":"2026-04-15T20:16:40","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-6309","summary":"Use after free in Viz in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)","cvss":8.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.3,"cvss_v4":null,"epss":0.00036,"ranking_epss":0.1042,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","https://issues.chromium.org/issues/497846428"],"published_time":"2026-04-15T20:16:40","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-6310","summary":"Use after free in Dawn in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)","cvss":8.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.3,"cvss_v4":null,"epss":0.00036,"ranking_epss":0.1042,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","https://issues.chromium.org/issues/497969820"],"published_time":"2026-04-15T20:16:40","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-6312","summary":"Insufficient policy enforcement in Passwords in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)","cvss":3.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.1,"cvss_v4":null,"epss":9e-05,"ranking_epss":0.00848,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","https://issues.chromium.org/issues/498269651"],"published_time":"2026-04-15T20:16:40","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-6301","summary":"Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00033,"ranking_epss":0.09433,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","https://issues.chromium.org/issues/495273999"],"published_time":"2026-04-15T20:16:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-6302","summary":"Use after free in Video in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00044,"ranking_epss":0.13367,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","https://issues.chromium.org/issues/495477995"],"published_time":"2026-04-15T20:16:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-6303","summary":"Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00128,"ranking_epss":0.3218,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","https://issues.chromium.org/issues/496282147"],"published_time":"2026-04-15T20:16:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-6304","summary":"Use after free in Graphite in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)","cvss":8.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.3,"cvss_v4":null,"epss":0.00036,"ranking_epss":0.1042,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","https://issues.chromium.org/issues/496393742"],"published_time":"2026-04-15T20:16:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-6305","summary":"Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08135,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","https://issues.chromium.org/issues/496618639"],"published_time":"2026-04-15T20:16:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-6306","summary":"Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00084,"ranking_epss":0.24477,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","https://issues.chromium.org/issues/496907110"],"published_time":"2026-04-15T20:16:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-6307","summary":"Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00033,"ranking_epss":0.09433,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","https://issues.chromium.org/issues/497404188"],"published_time":"2026-04-15T20:16:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-6296","summary":"Heap buffer overflow in ANGLE in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)","cvss":9.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.6,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06911,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","https://issues.chromium.org/issues/490170083"],"published_time":"2026-04-15T20:16:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-6297","summary":"Use after free in Proxy in Google Chrome prior to 147.0.7727.101 allowed an attacker in a privileged network position to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)","cvss":8.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.3,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.01076,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","https://issues.chromium.org/issues/493628982"],"published_time":"2026-04-15T20:16:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-6298","summary":"Heap buffer overflow in Skia in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Critical)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":9e-05,"ranking_epss":0.00924,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","https://issues.chromium.org/issues/495700484"],"published_time":"2026-04-15T20:16:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-6299","summary":"Use after free in Prerender in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00044,"ranking_epss":0.13367,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","https://issues.chromium.org/issues/497053588"],"published_time":"2026-04-15T20:16:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-6300","summary":"Use after free in CSS in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00044,"ranking_epss":0.13367,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","https://issues.chromium.org/issues/491994185"],"published_time":"2026-04-15T20:16:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-34631","summary":"InCopy versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06715,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/incopy/apsb26-33.html"],"published_time":"2026-04-14T22:16:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-27287","summary":"InCopy versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.01938,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/incopy/apsb26-33.html"],"published_time":"2026-04-14T21:16:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-34618","summary":"Illustrator versions 30.2, 29.8.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06715,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/illustrator/apsb26-42.html"],"published_time":"2026-04-14T20:16:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-34630","summary":"Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06715,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/bridge/apsb26-39.html"],"published_time":"2026-04-14T20:16:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-27289","summary":"Photoshop Desktop versions 27.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06715,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/photoshop/apsb26-40.html"],"published_time":"2026-04-14T20:16:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-27310","summary":"Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":8e-05,"ranking_epss":0.00749,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/bridge/apsb26-39.html"],"published_time":"2026-04-14T20:16:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-27311","summary":"Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":8e-05,"ranking_epss":0.00749,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/bridge/apsb26-39.html"],"published_time":"2026-04-14T20:16:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-27312","summary":"Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":8e-05,"ranking_epss":0.00749,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/bridge/apsb26-39.html"],"published_time":"2026-04-14T20:16:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-27313","summary":"Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06715,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/bridge/apsb26-39.html"],"published_time":"2026-04-14T20:16:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-27222","summary":"Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Divide By Zero vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application or render it unresponsive. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.0445,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/bridge/apsb26-39.html"],"published_time":"2026-04-14T20:16:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-34622","summary":"Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":8.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.6,"cvss_v4":null,"epss":0.00217,"ranking_epss":0.44332,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/acrobat/apsb26-44.html"],"published_time":"2026-04-14T17:16:51","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-34626","summary":"Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that could result in arbitrary file system read in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":6.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.3,"cvss_v4":null,"epss":0.00055,"ranking_epss":0.17326,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/acrobat/apsb26-44.html"],"published_time":"2026-04-14T17:16:51","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-27284","summary":"InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06715,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb26-32.html"],"published_time":"2026-04-14T17:16:48","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-27285","summary":"InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application or disrupt its functionality. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.0445,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb26-32.html"],"published_time":"2026-04-14T17:16:48","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-27286","summary":"InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05685,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb26-32.html"],"published_time":"2026-04-14T17:16:48","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-27238","summary":"InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06715,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb26-32.html"],"published_time":"2026-04-14T17:16:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-27283","summary":"InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00033,"ranking_epss":0.09351,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb26-32.html"],"published_time":"2026-04-14T17:16:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-34621","summary":"Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":8.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.6,"cvss_v4":null,"epss":0.04558,"ranking_epss":0.89211,"kev":true,"propose_action":"Adobe Acrobat and Reader contain a prototype pollution vulnerability that allows for arbitrary code execution.","ransomware_campaign":"Unknown","references":["https://helpx.adobe.com/security/products/acrobat/apsb26-43.html","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-34621"],"published_time":"2026-04-11T07:16:03","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5911","summary":"Policy bypass in ServiceWorkers in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00034,"ranking_epss":0.09657,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/485785246"],"published_time":"2026-04-08T22:16:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5912","summary":"Integer overflow in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Low)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.001,"ranking_epss":0.27677,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/486498791"],"published_time":"2026-04-08T22:16:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5913","summary":"Out of bounds read in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Low)","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00086,"ranking_epss":0.24869,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/487195286"],"published_time":"2026-04-08T22:16:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5914","summary":"Type Confusion in CSS in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Low)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00023,"ranking_epss":0.06208,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/490023239"],"published_time":"2026-04-08T22:16:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5915","summary":"Insufficient validation of untrusted input in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Low)","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.001,"ranking_epss":0.27673,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/494341335"],"published_time":"2026-04-08T22:16:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5918","summary":"Inappropriate implementation in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03407,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/490139441"],"published_time":"2026-04-08T22:16:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5919","summary":"Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00037,"ranking_epss":0.11095,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/483423893"],"published_time":"2026-04-08T22:16:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5902","summary":"Race in Media in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to corrupt media stream metadata via a crafted HTML page. (Chromium security severity: Low)","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00096,"ranking_epss":0.26618,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/483109205"],"published_time":"2026-04-08T22:16:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5903","summary":"Policy bypass in IFrameSandbox in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08875,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/483771899"],"published_time":"2026-04-08T22:16:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5904","summary":"Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Low)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08211,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/483851888"],"published_time":"2026-04-08T22:16:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5906","summary":"Incorrect security UI in Omnibox in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00028,"ranking_epss":0.07941,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/484082189"],"published_time":"2026-04-08T22:16:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5907","summary":"Insufficient data validation in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory read via a crafted video file. (Chromium security severity: Low)","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00086,"ranking_epss":0.24869,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/484665123"],"published_time":"2026-04-08T22:16:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5908","summary":"Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00086,"ranking_epss":0.24869,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/485115554"],"published_time":"2026-04-08T22:16:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5909","summary":"Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00086,"ranking_epss":0.24869,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/485203821"],"published_time":"2026-04-08T22:16:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5910","summary":"Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00086,"ranking_epss":0.24869,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/485212874"],"published_time":"2026-04-08T22:16:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5892","summary":"Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. (Chromium security severity: Medium)","cvss":6.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.6,"cvss_v4":null,"epss":0.00028,"ranking_epss":0.07786,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/487568011"],"published_time":"2026-04-08T22:16:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5893","summary":"Race in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)","cvss":6.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.8,"cvss_v4":null,"epss":0.0003,"ranking_epss":0.08353,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/487768771"],"published_time":"2026-04-08T22:16:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5894","summary":"Inappropriate implementation in PDF in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05562,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/481882038"],"published_time":"2026-04-08T22:16:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5895","summary":"Incorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. (Chromium security severity: Low)","cvss":5.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.4,"cvss_v4":null,"epss":0.00067,"ranking_epss":0.20794,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/374285495"],"published_time":"2026-04-08T22:16:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5896","summary":"Policy bypass in Audio in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass sandbox download restrictions via a crafted HTML page. (Chromium security severity: Low)","cvss":6.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.1,"cvss_v4":null,"epss":0.0003,"ranking_epss":0.08412,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/40064543"],"published_time":"2026-04-08T22:16:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5897","summary":"Incorrect security UI in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00026,"ranking_epss":0.07265,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/419921726"],"published_time":"2026-04-08T22:16:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5898","summary":"Incorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00026,"ranking_epss":0.07265,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/470295118"],"published_time":"2026-04-08T22:16:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5899","summary":"Insufficient policy enforcement in History Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: Low)","cvss":6.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.1,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02832,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/474817168"],"published_time":"2026-04-08T22:16:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5900","summary":"Policy bypass in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass of multi-download protections via a crafted HTML page. (Chromium security severity: Low)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08875,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/475265304"],"published_time":"2026-04-08T22:16:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5901","summary":"Insufficient policy enforcement in DevTools in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to bypass enterprise host restrictions for cookie modification via a crafted Chrome Extension. (Chromium security severity: Low)","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05513,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/479673903"],"published_time":"2026-04-08T22:16:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5884","summary":"Insufficient validation of untrusted input in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00138,"ranking_epss":0.33574,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/484547633"],"published_time":"2026-04-08T22:16:28","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5885","summary":"Insufficient validation of untrusted input in WebML in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00044,"ranking_epss":0.13251,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/485203823"],"published_time":"2026-04-08T22:16:28","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5886","summary":"Out of bounds read in WebAudio in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.0003,"ranking_epss":0.08505,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/485397283"],"published_time":"2026-04-08T22:16:28","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5887","summary":"Insufficient validation of untrusted input in Downloads in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to bypass download restrictions via a crafted HTML page. (Chromium security severity: Medium)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00035,"ranking_epss":0.10152,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/486079015"],"published_time":"2026-04-08T22:16:28","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5888","summary":"Uninitialized Use in WebCodecs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08645,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/486506202"],"published_time":"2026-04-08T22:16:28","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5889","summary":"Cryptographic Flaw in PDFium in Google Chrome prior to 147.0.7727.55 allowed an attacker to read potentially sensitive information from encrypted PDFs via a brute-force attack. (Chromium security severity: Medium)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":6e-05,"ranking_epss":0.00426,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/486906037"],"published_time":"2026-04-08T22:16:28","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5890","summary":"Race in WebCodecs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07613,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/487259772"],"published_time":"2026-04-08T22:16:28","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5891","summary":"Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00054,"ranking_epss":0.16799,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/487471101"],"published_time":"2026-04-08T22:16:28","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5874","summary":"Use after free in PrivateAI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)","cvss":9.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.6,"cvss_v4":null,"epss":0.00118,"ranking_epss":0.30618,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/485397279"],"published_time":"2026-04-08T22:16:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5875","summary":"Policy bypass in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06915,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/430198264"],"published_time":"2026-04-08T22:16:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5876","summary":"Side-channel information leakage in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00035,"ranking_epss":0.1026,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/41485206"],"published_time":"2026-04-08T22:16:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5877","summary":"Use after free in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00139,"ranking_epss":0.34012,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/333024273"],"published_time":"2026-04-08T22:16:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5878","summary":"Incorrect security UI in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00028,"ranking_epss":0.07941,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/365089001"],"published_time":"2026-04-08T22:16:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5879","summary":"Insufficient validation of untrusted input in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00148,"ranking_epss":0.35294,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/40073848"],"published_time":"2026-04-08T22:16:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5880","summary":"Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00026,"ranking_epss":0.07185,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/424995036"],"published_time":"2026-04-08T22:16:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5881","summary":"Policy bypass in LocalNetworkAccess in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06915,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/454162508"],"published_time":"2026-04-08T22:16:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5882","summary":"Incorrect security UI in Fullscreen in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00028,"ranking_epss":0.07941,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/480993682"],"published_time":"2026-04-08T22:16:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5883","summary":"Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00129,"ranking_epss":0.32341,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/482958590"],"published_time":"2026-04-08T22:16:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5865","summary":"Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00104,"ranking_epss":0.283,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/491884710"],"published_time":"2026-04-08T22:16:26","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5866","summary":"Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00139,"ranking_epss":0.34012,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/492218537"],"published_time":"2026-04-08T22:16:26","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5867","summary":"Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08116,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/492668885"],"published_time":"2026-04-08T22:16:26","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5868","summary":"Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00091,"ranking_epss":0.25658,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/493256564"],"published_time":"2026-04-08T22:16:26","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5869","summary":"Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08116,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/493708165"],"published_time":"2026-04-08T22:16:26","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5870","summary":"Integer overflow in Skia in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00102,"ranking_epss":0.28022,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/495534710"],"published_time":"2026-04-08T22:16:26","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5871","summary":"Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00104,"ranking_epss":0.283,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/495679730"],"published_time":"2026-04-08T22:16:26","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5872","summary":"Use after free in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00139,"ranking_epss":0.34012,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/496281816"],"published_time":"2026-04-08T22:16:26","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5873","summary":"Out of bounds read and write in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00102,"ranking_epss":0.28022,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/496301615"],"published_time":"2026-04-08T22:16:26","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5858","summary":"Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00081,"ranking_epss":0.2378,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/493319454"],"published_time":"2026-04-08T22:16:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5859","summary":"Integer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.0008,"ranking_epss":0.23545,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/494158331"],"published_time":"2026-04-08T22:16:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5860","summary":"Use after free in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00123,"ranking_epss":0.31419,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/486495143"],"published_time":"2026-04-08T22:16:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5861","summary":"Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00139,"ranking_epss":0.34012,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/486927780"],"published_time":"2026-04-08T22:16:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5862","summary":"Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00102,"ranking_epss":0.28022,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/470566252"],"published_time":"2026-04-08T22:16:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5863","summary":"Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00102,"ranking_epss":0.28022,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/484527367"],"published_time":"2026-04-08T22:16:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5864","summary":"Heap buffer overflow in WebAudio in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08116,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/490642831"],"published_time":"2026-04-08T22:16:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-35560","summary":"Improper certificate validation in the identity provider connection components in Amazon Athena ODBC driver before 2.1.0.0 might allow a man-in-the-middle threat actor to intercept authentication credentials due to insufficient default transport security when connecting to identity providers. This only applies to connections with external identity providers and does not apply to connections with Athena.\n\nTo remediate this issue, users should upgrade to version 2.1.0.0.","cvss":9.1,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":7.4,"cvss_v4":9.1,"epss":0.00035,"ranking_epss":0.10156,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://aws.amazon.com/security/security-bulletins/2026-013-aws/","https://docs.aws.amazon.com/athena/latest/ug/odbc-v2-driver-release-notes.html","https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Linux/AmazonAthenaODBC-2.1.0.0.rpm","https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Mac/Intel/AmazonAthenaODBC-2.1.0.0_x86.pkg","https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Mac/arm/AmazonAthenaODBC-2.1.0.0_arm.pkg","https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Windows/AmazonAthenaODBC-2.1.0.0.msi"],"published_time":"2026-04-03T21:17:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-35561","summary":"Insufficient authentication security controls in the browser-based authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to intercept or hijack authentication sessions due to insufficient protections in the browser-based authentication flows.\n\nTo remediate this issue, users should upgrade to version 2.1.0.0.","cvss":9.1,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":7.4,"cvss_v4":9.1,"epss":0.0009,"ranking_epss":0.25397,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://aws.amazon.com/security/security-bulletins/2026-013-aws/","https://docs.aws.amazon.com/athena/latest/ug/odbc-v2-driver-release-notes.html","https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Linux/AmazonAthenaODBC-2.1.0.0.rpm","https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Mac/Intel/AmazonAthenaODBC-2.1.0.0_x86.pkg","https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Mac/arm/AmazonAthenaODBC-2.1.0.0_arm.pkg","https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Windows/AmazonAthenaODBC-2.1.0.0.msi"],"published_time":"2026-04-03T21:17:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-35562","summary":"Allocation of resources without limits in the parsing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to cause a denial of service by delivering crafted input that triggers excessive resource consumption during the driver's parsing operations.\n\nTo remediate this issue, users should upgrade to version 2.1.0.0.","cvss":8.7,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":8.7,"epss":0.00105,"ranking_epss":0.28525,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://aws.amazon.com/security/security-bulletins/2026-013-aws/","https://docs.aws.amazon.com/athena/latest/ug/odbc-v2-driver-release-notes.html","https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Linux/AmazonAthenaODBC-2.1.0.0.rpm","https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Mac/Intel/AmazonAthenaODBC-2.1.0.0_x86.pkg","https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Mac/arm/AmazonAthenaODBC-2.1.0.0_arm.pkg","https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Windows/AmazonAthenaODBC-2.1.0.0.msi"],"published_time":"2026-04-03T21:17:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-35558","summary":"Improper neutralization of special elements in the authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to execute arbitrary code or redirect authentication flows by using specially crafted connection parameters that are processed by the driver during user-initiated authentication.\n\nTo remediate this issue, users should upgrade to version 2.1.0.0.","cvss":7.3,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":7.3,"epss":0.00154,"ranking_epss":0.36091,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://aws.amazon.com/security/security-bulletins/2026-013-aws/","https://docs.aws.amazon.com/athena/latest/ug/odbc-v2-driver-release-notes.html","https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Linux/AmazonAthenaODBC-2.1.0.0.rpm","https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Mac/Intel/AmazonAthenaODBC-2.1.0.0_x86.pkg","https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Mac/arm/AmazonAthenaODBC-2.1.0.0_arm.pkg","https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Windows/AmazonAthenaODBC-2.1.0.0.msi"],"published_time":"2026-04-03T21:17:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-35559","summary":"Out-of-bounds write in the query processing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to crash the driver by using specially crafted data that is processed by the driver during query operations.\n\nTo remediate this issue, users should upgrade to version 2.1.0.0.","cvss":7.1,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":7.1,"epss":0.00073,"ranking_epss":0.22226,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://aws.amazon.com/security/security-bulletins/2026-013-aws/","https://docs.aws.amazon.com/athena/latest/ug/odbc-v2-driver-release-notes.html","https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Linux/AmazonAthenaODBC-2.1.0.0.rpm","https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Mac/Intel/AmazonAthenaODBC-2.1.0.0_x86.pkg","https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Mac/arm/AmazonAthenaODBC-2.1.0.0_arm.pkg","https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Windows/AmazonAthenaODBC-2.1.0.0.msi"],"published_time":"2026-04-03T21:17:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43264","summary":"The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted image may corrupt process memory.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06871,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149"],"published_time":"2026-04-02T19:20:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43257","summary":"This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.6. An app may be able to break out of its sandbox.","cvss":8.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.7,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02013,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149"],"published_time":"2026-04-02T19:20:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43236","summary":"A type confusion issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An attacker may be able to cause unexpected app termination.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":6e-05,"ranking_epss":0.00389,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151"],"published_time":"2026-04-02T19:20:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43238","summary":"An integer overflow was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause unexpected system termination.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.01177,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151"],"published_time":"2026-04-02T19:20:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43219","summary":"The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted image may corrupt process memory.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06871,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149"],"published_time":"2026-04-02T19:20:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43210","summary":"An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.","cvss":6.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.3,"cvss_v4":null,"epss":0.00022,"ranking_epss":0.05987,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124147","https://support.apple.com/en-us/124148","https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","https://support.apple.com/en-us/124153","https://support.apple.com/en-us/124154","https://support.apple.com/en-us/124155"],"published_time":"2026-04-02T19:20:05","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43202","summary":"This issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6. Processing a file may lead to memory corruption.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.0002,"ranking_epss":0.05351,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124147","https://support.apple.com/en-us/124149"],"published_time":"2026-04-02T19:20:03","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-44303","summary":"The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.1. A malicious application may be able to modify protected parts of the file system.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00083,"ranking_epss":0.24304,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/121564"],"published_time":"2026-04-02T19:18:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-44286","summary":"This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.1. An attacker with physical access can input keyboard events to apps running on a locked device.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00083,"ranking_epss":0.24304,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/121564"],"published_time":"2026-04-02T19:18:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-44250","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.","cvss":8.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.2,"cvss_v4":null,"epss":0.00054,"ranking_epss":0.17021,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/121564"],"published_time":"2026-04-02T19:18:28","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-44219","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. A malicious application with root privileges may be able to access private information.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00085,"ranking_epss":0.24703,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/121564"],"published_time":"2026-04-02T19:18:23","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-40858","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. An app may be able to access Contacts without user consent.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00062,"ranking_epss":0.1935,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/121564"],"published_time":"2026-04-02T19:17:59","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-40849","summary":"A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.1. An app may be able to break out of its sandbox.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00073,"ranking_epss":0.22226,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/121564"],"published_time":"2026-04-02T19:17:57","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-30867","summary":"CocoaMQTT is a MQTT 5.0 client library for iOS and macOS written in Swift. Prior to version 2.2.2, a vulnerability exists in the packet parsing logic of CocoaMQTT that allows an attacker (or a compromised/malicious MQTT broker) to remotely crash the host iOS/macOS/tvOS application. If an attacker publishes the 4-byte malformed payload to a shared topic with the RETAIN flag set to true, the MQTT broker will persist the payload. Any time a vulnerable client connects and subscribes to that topic, the broker will automatically push the malformed packet. The app will instantly crash in the background before the user can even interact with it. This effectively \"bricks\" the mobile application (a persistent DoS) until the retained message is manually wiped from the broker database. This issue has been patched in version 2.2.2.","cvss":5.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.7,"cvss_v4":null,"epss":0.00045,"ranking_epss":0.13748,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/emqx/CocoaMQTT/commit/010bca6f61b97d726252f61641d331a2bf82b338","https://github.com/emqx/CocoaMQTT/pull/659","https://github.com/emqx/CocoaMQTT/releases/tag/2.2.2","https://github.com/emqx/CocoaMQTT/security/advisories/GHSA-r3fr-7m74-q7g2"],"published_time":"2026-04-02T14:16:28","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5286","summary":"Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.0008,"ranking_epss":0.23713,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html","https://issues.chromium.org/issues/493900619"],"published_time":"2026-04-01T05:16:02","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5287","summary":"Use after free in PDF in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.0008,"ranking_epss":0.23713,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html","https://issues.chromium.org/issues/494644471"],"published_time":"2026-04-01T05:16:02","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5288","summary":"Use after free in WebView in Google Chrome on Android prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)","cvss":9.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.6,"cvss_v4":null,"epss":0.00063,"ranking_epss":0.1948,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html","https://issues.chromium.org/issues/495507390"],"published_time":"2026-04-01T05:16:02","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5289","summary":"Use after free in Navigation in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)","cvss":9.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.6,"cvss_v4":null,"epss":0.00068,"ranking_epss":0.20966,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html","https://issues.chromium.org/issues/495931147"],"published_time":"2026-04-01T05:16:02","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5290","summary":"Use after free in Compositing in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)","cvss":9.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.6,"cvss_v4":null,"epss":0.00068,"ranking_epss":0.20966,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html","https://issues.chromium.org/issues/496205576"],"published_time":"2026-04-01T05:16:02","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5291","summary":"Inappropriate implementation in WebGL in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00026,"ranking_epss":0.07048,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html","https://issues.chromium.org/issues/490118036"],"published_time":"2026-04-01T05:16:02","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5292","summary":"Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00063,"ranking_epss":0.1948,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html","https://issues.chromium.org/issues/492213293"],"published_time":"2026-04-01T05:16:02","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5278","summary":"Use after free in Web MIDI in Google Chrome on Android prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00071,"ranking_epss":0.21757,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html","https://issues.chromium.org/issues/490254128"],"published_time":"2026-04-01T05:16:01","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5279","summary":"Object corruption in V8 in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.0008,"ranking_epss":0.23713,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html","https://issues.chromium.org/issues/490642836"],"published_time":"2026-04-01T05:16:01","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5280","summary":"Use after free in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00071,"ranking_epss":0.21757,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html","https://issues.chromium.org/issues/491515787"],"published_time":"2026-04-01T05:16:01","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5281","summary":"Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.03278,"ranking_epss":0.87196,"kev":true,"propose_action":"Google Dawn contains an use-after-free vulnerability that could allow a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. This vulnerability could affect multiple Chromium-based products including, but not limited to, Google Chrome, Microsoft Edge, and Opera.","ransomware_campaign":"Unknown","references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html","https://issues.chromium.org/issues/491518608","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-5281"],"published_time":"2026-04-01T05:16:01","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5282","summary":"Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00063,"ranking_epss":0.1948,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html","https://issues.chromium.org/issues/491655161"],"published_time":"2026-04-01T05:16:01","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5283","summary":"Inappropriate implementation in ANGLE in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02506,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html","https://issues.chromium.org/issues/492131521"],"published_time":"2026-04-01T05:16:01","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5284","summary":"Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.0008,"ranking_epss":0.23713,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html","https://issues.chromium.org/issues/492139412"],"published_time":"2026-04-01T05:16:01","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5285","summary":"Use after free in WebGL in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00071,"ranking_epss":0.21757,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html","https://issues.chromium.org/issues/492228019"],"published_time":"2026-04-01T05:16:01","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5272","summary":"Heap buffer overflow in GPU in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06762,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html","https://issues.chromium.org/issues/491732188"],"published_time":"2026-04-01T05:16:00","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5273","summary":"Use after free in CSS in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":6.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.3,"cvss_v4":null,"epss":0.00065,"ranking_epss":0.2013,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html","https://issues.chromium.org/issues/493952652"],"published_time":"2026-04-01T05:16:00","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5274","summary":"Integer overflow in Codecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00068,"ranking_epss":0.20966,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html","https://issues.chromium.org/issues/488596746"],"published_time":"2026-04-01T05:16:00","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5275","summary":"Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00072,"ranking_epss":0.21904,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html","https://issues.chromium.org/issues/489494022"],"published_time":"2026-04-01T05:16:00","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5276","summary":"Insufficient policy enforcement in WebUSB in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00045,"ranking_epss":0.1367,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html","https://issues.chromium.org/issues/489711638"],"published_time":"2026-04-01T05:16:00","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-5277","summary":"Integer overflow in ANGLE in Google Chrome on Windows prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00086,"ranking_epss":0.24736,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html","https://issues.chromium.org/issues/489791424"],"published_time":"2026-04-01T05:16:00","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3776","summary":"The application does not validate the presence of required appearance (AP) data before accessing stamp annotation resources. When a PDF contains a stamp annotation missing its AP entry, the code continues to dereference the associated object without a prior null or validity check, which allows a crafted document to trigger a null pointer dereference and crash the application, resulting in denial of service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.0335,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://www.foxit.com/support/security-bulletins.html"],"published_time":"2026-04-01T02:16:02","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3777","summary":"The application does not properly validate the lifetime and validity of internal view cache pointers after JavaScript changes the document zoom and page state. When a script modifies the zoom property and then triggers a page change, the original view object may be destroyed while stale pointers are still kept and later dereferenced, which under crafted JavaScript and document structures can lead to a use-after-free condition and potentially allow arbitrary code execution.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03661,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://www.foxit.com/support/security-bulletins.html"],"published_time":"2026-04-01T02:16:02","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3778","summary":"The application does not detect or guard against cyclic PDF object references while handling JavaScript in PDF. When pages and annotations are crafted that reference each other in a loop, passing the document to APIs (e.g., SOAP) that perform deep traversal can cause uncontrolled recursion, stack exhaustion, and application crashes.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02604,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://www.foxit.com/support/security-bulletins.html"],"published_time":"2026-04-01T02:16:02","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-27309","summary":"Substance3D - Stager versions 3.1.7 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00035,"ranking_epss":0.10329,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/substance3d_stager/apsb26-29.html"],"published_time":"2026-03-27T22:16:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-33874","summary":"Gematik Authenticator securely authenticates users for login to digital health applications. Starting in version 4.12.0 and prior to version 4.16.0, the Mac OS version of the Authenticator is vulnerable to remote code execution, triggered when victims open a malicious file. Update the gematik Authenticator to version 4.16.0 or greater to receive a patch. There are no known workarounds.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00074,"ranking_epss":0.2247,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/gematik/app-Authenticator/security/advisories/GHSA-mjgm-7hwc-qqcr"],"published_time":"2026-03-27T21:17:24","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-1561","summary":"IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is vulnerable to server-side request forgery (SSRF). This may allow remote attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.","cvss":5.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.4,"cvss_v4":null,"epss":0.00032,"ranking_epss":0.08997,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://www.ibm.com/support/pages/node/7267347"],"published_time":"2026-03-25T21:16:28","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-14915","summary":"IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty is affected by privilege escalation. A privileged user could gain additional access to the application server.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00036,"ranking_epss":0.10621,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://www.ibm.com/support/pages/node/7267345"],"published_time":"2026-03-25T21:16:24","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-14917","summary":"IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.3 IBM WebSphere Application Server Liberty could provide weaker than expected security when administering security settings.","cvss":6.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00037,"ranking_epss":0.10888,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://www.ibm.com/support/pages/node/7267362"],"published_time":"2026-03-25T21:16:24","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28882","summary":"This issue was addressed with improved checks. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to enumerate a user's installed apps.","cvss":4.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.0,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02747,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126797","https://support.apple.com/en-us/126798","https://support.apple.com/en-us/126799"],"published_time":"2026-03-25T01:17:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28886","summary":"A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A user in a privileged network position may be able to cause a denial-of-service.","cvss":5.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.9,"cvss_v4":null,"epss":0.00062,"ranking_epss":0.19251,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126793","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796","https://support.apple.com/en-us/126797","https://support.apple.com/en-us/126798","https://support.apple.com/en-us/126799"],"published_time":"2026-03-25T01:17:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28888","summary":"A race condition was addressed with improved state handling. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to gain root privileges.","cvss":5.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.1,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.01957,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28891","summary":"A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to break out of its sandbox.","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.01974,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28892","summary":"A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to modify protected parts of the file system.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":9e-05,"ranking_epss":0.00946,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28893","summary":"A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Tahoe 26.4. A document may be written to a temporary file when using print preview.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02449,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794"],"published_time":"2026-03-25T01:17:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28894","summary":"A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. A remote attacker may be able to cause a denial-of-service.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00186,"ranking_epss":0.40443,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28870","summary":"An information leakage was addressed with additional validation. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01856,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126797","https://support.apple.com/en-us/126798","https://support.apple.com/en-us/126799"],"published_time":"2026-03-25T01:17:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28871","summary":"A logic issue was addressed with improved checks. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4. Visiting a maliciously crafted website may lead to a cross-site scripting attack.","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00034,"ranking_epss":0.09999,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126793","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126800"],"published_time":"2026-03-25T01:17:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28876","summary":"A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4. An app may be able to access sensitive user data.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.0005,"ranking_epss":0.1555,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126793","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796","https://support.apple.com/en-us/126799"],"published_time":"2026-03-25T01:17:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28877","summary":"An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00011,"ranking_epss":0.01429,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126798","https://support.apple.com/en-us/126799"],"published_time":"2026-03-25T01:17:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28878","summary":"A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to enumerate a user's installed apps.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00065,"ranking_epss":0.20027,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126793","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126796","https://support.apple.com/en-us/126797","https://support.apple.com/en-us/126798","https://support.apple.com/en-us/126799"],"published_time":"2026-03-25T01:17:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28879","summary":"A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. Processing maliciously crafted web content may lead to an unexpected process crash.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.0004,"ranking_epss":0.11989,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126793","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796","https://support.apple.com/en-us/126797","https://support.apple.com/en-us/126798","https://support.apple.com/en-us/126799"],"published_time":"2026-03-25T01:17:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28880","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4. An app may be able to enumerate a user's installed apps.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.0005,"ranking_epss":0.15398,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126793","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796","https://support.apple.com/en-us/126799"],"published_time":"2026-03-25T01:17:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28881","summary":"A privacy issue was addressed by moving sensitive data. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00028,"ranking_epss":0.07967,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794"],"published_time":"2026-03-25T01:17:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28859","summary":"The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A malicious website may be able to process restricted web content outside the sandbox.","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00039,"ranking_epss":0.118,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126797","https://support.apple.com/en-us/126798","https://support.apple.com/en-us/126799","https://support.apple.com/en-us/126800"],"published_time":"2026-03-25T01:17:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28861","summary":"A logic issue was addressed with improved state management. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. A malicious website may be able to access script message handlers intended for other origins.","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00035,"ranking_epss":0.1033,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126793","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126799","https://support.apple.com/en-us/126800"],"published_time":"2026-03-25T01:17:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28862","summary":"A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access user-sensitive data.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00052,"ranking_epss":0.16319,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28864","summary":"This issue was addressed with improved permissions checking. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. A local attacker may gain access to user's Keychain items.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":9e-05,"ranking_epss":0.00955,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126793","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796","https://support.apple.com/en-us/126798","https://support.apple.com/en-us/126799"],"published_time":"2026-03-25T01:17:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28865","summary":"An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An attacker in a privileged network position may be able to intercept network traffic.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00093,"ranking_epss":0.26018,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126793","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796","https://support.apple.com/en-us/126797","https://support.apple.com/en-us/126798","https://support.apple.com/en-us/126799"],"published_time":"2026-03-25T01:17:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28866","summary":"This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.0002,"ranking_epss":0.05305,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126793","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28867","summary":"This issue was addressed with improved authentication. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to leak sensitive kernel state.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00024,"ranking_epss":0.06338,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126793","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126797","https://support.apple.com/en-us/126798","https://support.apple.com/en-us/126799"],"published_time":"2026-03-25T01:17:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28868","summary":"A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. An app may be able to disclose kernel memory.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01744,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126793","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796","https://support.apple.com/en-us/126798","https://support.apple.com/en-us/126799"],"published_time":"2026-03-25T01:17:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28842","summary":"The issue was addressed with improved bounds checks. This issue is fixed in macOS Tahoe 26.4. A buffer overflow may result in memory corruption and unexpected app termination.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00056,"ranking_epss":0.17624,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794"],"published_time":"2026-03-25T01:17:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28844","summary":"A file access issue was addressed with improved input validation. This issue is fixed in macOS Tahoe 26.4. An attacker may gain access to protected parts of the file system.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00035,"ranking_epss":0.10287,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794"],"published_time":"2026-03-25T01:17:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28845","summary":"An authorization issue was addressed with improved state management. This issue is fixed in macOS Tahoe 26.4. An app may be able to access protected user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02465,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794"],"published_time":"2026-03-25T01:17:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28852","summary":"A stack overflow was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to cause a denial-of-service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00024,"ranking_epss":0.06557,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126793","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126797","https://support.apple.com/en-us/126798","https://support.apple.com/en-us/126799"],"published_time":"2026-03-25T01:17:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28855","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3. An app may be able to access protected user data.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00039,"ranking_epss":0.11692,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126348"],"published_time":"2026-03-25T01:17:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28857","summary":"The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may lead to an unexpected process crash.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00038,"ranking_epss":0.11299,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126799","https://support.apple.com/en-us/126800"],"published_time":"2026-03-25T01:17:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28829","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to modify protected parts of the file system.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00011,"ranking_epss":0.01338,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28831","summary":"An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00011,"ranking_epss":0.01432,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28832","summary":"An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to disclose kernel memory.","cvss":8.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.4,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02588,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28833","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. An app may be able to enumerate a user's installed apps.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.0245,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126799"],"published_time":"2026-03-25T01:17:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28834","summary":"A race condition was addressed with improved state handling. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to cause unexpected system termination.","cvss":5.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.1,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.01957,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28835","summary":"A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. Mounting a maliciously crafted SMB network share may lead to system termination.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00037,"ranking_epss":0.10856,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28837","summary":"A logic issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00044,"ranking_epss":0.13306,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794"],"published_time":"2026-03-25T01:17:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28838","summary":"A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to break out of its sandbox.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00039,"ranking_epss":0.11552,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28839","summary":"The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00039,"ranking_epss":0.11519,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28841","summary":"A buffer overflow was addressed with improved size validation. This issue is fixed in macOS Tahoe 26.4. A buffer overflow may result in memory corruption and unexpected app termination.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.0002,"ranking_epss":0.05408,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794"],"published_time":"2026-03-25T01:17:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28818","summary":"A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00039,"ranking_epss":0.11519,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28820","summary":"This issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07519,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794"],"published_time":"2026-03-25T01:17:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28821","summary":"A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to gain elevated privileges.","cvss":8.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.4,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07361,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28822","summary":"A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An attacker may be able to cause unexpected app termination.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02625,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796","https://support.apple.com/en-us/126797","https://support.apple.com/en-us/126798","https://support.apple.com/en-us/126799"],"published_time":"2026-03-25T01:17:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28823","summary":"A path handling issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.4. An app with root privileges may be able to delete protected system files.","cvss":4.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.9,"cvss_v4":null,"epss":0.00036,"ranking_epss":0.10577,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794"],"published_time":"2026-03-25T01:17:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28824","summary":"An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00039,"ranking_epss":0.11519,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28825","summary":"An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to modify protected parts of the file system.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02765,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28826","summary":"A logic issue was addressed with improved restrictions. This issue is fixed in macOS Tahoe 26.4. A malicious app may be able to break out of its sandbox.","cvss":4.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.0,"cvss_v4":null,"epss":0.00017,"ranking_epss":0.03835,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794"],"published_time":"2026-03-25T01:17:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28827","summary":"A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to break out of its sandbox.","cvss":9.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.3,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.03191,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28828","summary":"A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.0004,"ranking_epss":0.11958,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20692","summary":"A privacy issue was addressed with improved handling of user preferences. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. \"Hide IP Address\" and \"Block All Remote Content\" may not apply to all mail content.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.0004,"ranking_epss":0.12113,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20693","summary":"This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An attacker with root privileges may be able to delete protected system files.","cvss":4.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.9,"cvss_v4":null,"epss":0.00039,"ranking_epss":0.1165,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20694","summary":"This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.4, macOS Sonoma 14.8.5, macOS Tahoe 26.3, macOS Tahoe 26.4. An app may be able to access user-sensitive data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":9e-05,"ranking_epss":0.00912,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20695","summary":"An information disclosure issue was addressed with improved memory management. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to determine kernel memory layout.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02292,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20697","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.0004,"ranking_epss":0.11958,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20698","summary":"The issue was addressed with improved memory handling. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to cause unexpected system termination or corrupt kernel memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00011,"ranking_epss":0.01352,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126797","https://support.apple.com/en-us/126798","https://support.apple.com/en-us/126799"],"published_time":"2026-03-25T01:17:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20699","summary":"A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3, macOS Tahoe 26.4. An app may be able to access user-sensitive data.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":6e-05,"ranking_epss":0.00387,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20701","summary":"An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to connect to a network share without user consent.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00052,"ranking_epss":0.16363,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28816","summary":"A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to delete files for which it does not have permission.","cvss":4.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.0,"cvss_v4":null,"epss":0.00022,"ranking_epss":0.05853,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28817","summary":"A race condition was addressed with improved state handling. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. A sandboxed process may be able to circumvent sandbox restrictions.","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.01974,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20665","summary":"This issue was addressed through improved state management. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00157,"ranking_epss":0.36504,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126793","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126797","https://support.apple.com/en-us/126798","https://support.apple.com/en-us/126799","https://support.apple.com/en-us/126800"],"published_time":"2026-03-25T01:17:05","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20668","summary":"A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3, visionOS 26.3. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01744,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126353","https://support.apple.com/en-us/126793","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:05","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20670","summary":"An authorization issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00011,"ranking_epss":0.0132,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126350"],"published_time":"2026-03-25T01:17:05","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20684","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.4. An app may bypass Gatekeeper checks.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02535,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794"],"published_time":"2026-03-25T01:17:05","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20687","summary":"A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, watchOS 26.4. An app may be able to cause unexpected system termination or write kernel memory.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01553,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126793","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126797","https://support.apple.com/en-us/126798"],"published_time":"2026-03-25T01:17:05","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20688","summary":"A path handling issue was addressed with improved validation. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4. An app may be able to break out of its sandbox.","cvss":9.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.3,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03352,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796","https://support.apple.com/en-us/126799"],"published_time":"2026-03-25T01:17:05","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20690","summary":"An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. Processing an audio stream in a maliciously crafted media file may terminate the process.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.0004,"ranking_epss":0.11957,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126793","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796","https://support.apple.com/en-us/126797","https://support.apple.com/en-us/126798","https://support.apple.com/en-us/126799"],"published_time":"2026-03-25T01:17:05","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20691","summary":"An authorization issue was addressed with improved state management. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. A maliciously crafted webpage may be able to fingerprint the user.","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00035,"ranking_epss":0.1033,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126798","https://support.apple.com/en-us/126799","https://support.apple.com/en-us/126800"],"published_time":"2026-03-25T01:17:05","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20631","summary":"A logic issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.4. A user may be able to elevate privileges.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00035,"ranking_epss":0.10196,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794"],"published_time":"2026-03-25T01:17:04","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20632","summary":"A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00039,"ranking_epss":0.11636,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794"],"published_time":"2026-03-25T01:17:04","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20633","summary":"This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access user-sensitive data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":9e-05,"ranking_epss":0.00864,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:04","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20637","summary":"A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An app may be able to cause unexpected system termination.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02625,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126351","https://support.apple.com/en-us/126352","https://support.apple.com/en-us/126353","https://support.apple.com/en-us/126793","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:04","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20639","summary":"An integer overflow was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3. Processing a maliciously crafted string may lead to heap corruption.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00052,"ranking_epss":0.16335,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:04","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20651","summary":"A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to access sensitive user data.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02292,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126350","https://support.apple.com/en-us/126795"],"published_time":"2026-03-25T01:17:04","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20657","summary":"The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5. Parsing a maliciously crafted file may lead to an unexpected app termination.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00047,"ranking_epss":0.1453,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126793","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:04","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20664","summary":"The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may lead to an unexpected process crash.","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00038,"ranking_epss":0.11299,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126799","https://support.apple.com/en-us/126800"],"published_time":"2026-03-25T01:17:04","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20607","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access protected user data.","cvss":4.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.0,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02589,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126795","https://support.apple.com/en-us/126796"],"published_time":"2026-03-25T01:17:03","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20622","summary":"A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3. An app may be able to capture a user's screen.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00038,"ranking_epss":0.1134,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126349"],"published_time":"2026-03-25T01:17:03","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4675","summary":"Heap buffer overflow in WebGL in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00073,"ranking_epss":0.22106,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_23.html","https://issues.chromium.org/issues/488270257"],"published_time":"2026-03-24T01:17:03","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4676","summary":"Use after free in Dawn in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00118,"ranking_epss":0.30618,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_23.html","https://issues.chromium.org/issues/488613135"],"published_time":"2026-03-24T01:17:03","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4677","summary":"Inappropriate implementation in WebAudio in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.0008,"ranking_epss":0.23545,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_23.html","https://issues.chromium.org/issues/490533968"],"published_time":"2026-03-24T01:17:03","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4678","summary":"Use after free in WebGPU in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00123,"ranking_epss":0.31419,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_23.html","https://issues.chromium.org/issues/491164019"],"published_time":"2026-03-24T01:17:03","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4679","summary":"Integer overflow in Fonts in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00109,"ranking_epss":0.29154,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_23.html","https://issues.chromium.org/issues/491516670"],"published_time":"2026-03-24T01:17:03","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4680","summary":"Use after free in FedCM in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00139,"ranking_epss":0.34012,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_23.html","https://issues.chromium.org/issues/491869946"],"published_time":"2026-03-24T01:17:03","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4673","summary":"Heap buffer overflow in WebAudio in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00092,"ranking_epss":0.25747,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_23.html","https://issues.chromium.org/issues/485397284"],"published_time":"2026-03-24T01:17:02","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4674","summary":"Out of bounds read in CSS in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00086,"ranking_epss":0.24869,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_23.html","https://issues.chromium.org/issues/488188166"],"published_time":"2026-03-24T01:17:02","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4458","summary":"Use after free in Extensions in Google Chrome prior to 146.0.7680.153 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08211,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html","https://issues.chromium.org/issues/489619753"],"published_time":"2026-03-20T02:16:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4459","summary":"Out of bounds read and write in WebAudio in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00074,"ranking_epss":0.22431,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html","https://issues.chromium.org/issues/490246422"],"published_time":"2026-03-20T02:16:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4460","summary":"Out of bounds read in Skia in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.0008,"ranking_epss":0.23717,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html","https://issues.chromium.org/issues/490254124"],"published_time":"2026-03-20T02:16:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4461","summary":"Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.0008,"ranking_epss":0.23717,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html","https://issues.chromium.org/issues/490558172"],"published_time":"2026-03-20T02:16:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4462","summary":"Out of bounds read in Blink in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.0008,"ranking_epss":0.23717,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html","https://issues.chromium.org/issues/491080830"],"published_time":"2026-03-20T02:16:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4463","summary":"Heap buffer overflow in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00068,"ranking_epss":0.20875,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html","https://issues.chromium.org/issues/491358681"],"published_time":"2026-03-20T02:16:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4464","summary":"Integer overflow in ANGLE in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.0008,"ranking_epss":0.23717,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html","https://issues.chromium.org/issues/487208468"],"published_time":"2026-03-20T02:16:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4451","summary":"Insufficient validation of untrusted input in Navigation in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00116,"ranking_epss":0.30315,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html","https://issues.chromium.org/issues/487768779"],"published_time":"2026-03-20T02:16:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4453","summary":"Integer overflow in Dawn in Google Chrome on Mac prior to 146.0.7680.153 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08205,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html","https://issues.chromium.org/issues/488400770"],"published_time":"2026-03-20T02:16:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4454","summary":"Use after free in Network in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00109,"ranking_epss":0.29228,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html","https://issues.chromium.org/issues/488585488"],"published_time":"2026-03-20T02:16:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4455","summary":"Heap buffer overflow in PDFium in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00074,"ranking_epss":0.22278,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html","https://issues.chromium.org/issues/488585504"],"published_time":"2026-03-20T02:16:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4456","summary":"Use after free in Digital Credentials API in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00109,"ranking_epss":0.29228,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html","https://issues.chromium.org/issues/488617440"],"published_time":"2026-03-20T02:16:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4457","summary":"Type Confusion in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00082,"ranking_epss":0.23984,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html","https://issues.chromium.org/issues/488803413"],"published_time":"2026-03-20T02:16:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4444","summary":"Stack buffer overflow in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00068,"ranking_epss":0.20875,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html","https://issues.chromium.org/issues/486349161"],"published_time":"2026-03-20T02:16:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4445","summary":"Use after free in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00101,"ranking_epss":0.27756,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html","https://issues.chromium.org/issues/486421953"],"published_time":"2026-03-20T02:16:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4446","summary":"Use after free in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00101,"ranking_epss":0.27756,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html","https://issues.chromium.org/issues/486421954"],"published_time":"2026-03-20T02:16:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4447","summary":"Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00095,"ranking_epss":0.26347,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html","https://issues.chromium.org/issues/486657483"],"published_time":"2026-03-20T02:16:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4448","summary":"Heap buffer overflow in ANGLE in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00074,"ranking_epss":0.22278,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html","https://issues.chromium.org/issues/486972661"],"published_time":"2026-03-20T02:16:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4449","summary":"Use after free in Blink in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00109,"ranking_epss":0.29228,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html","https://issues.chromium.org/issues/487117772"],"published_time":"2026-03-20T02:16:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4450","summary":"Out of bounds write in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00101,"ranking_epss":0.27869,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html","https://issues.chromium.org/issues/487746373"],"published_time":"2026-03-20T02:16:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4439","summary":"Out of bounds memory access in WebGL in Google Chrome on Android prior to 146.0.7680.153 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00074,"ranking_epss":0.22431,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html","https://issues.chromium.org/issues/475877320"],"published_time":"2026-03-20T02:16:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4440","summary":"Out of bounds read and write in WebGL in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Critical)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00074,"ranking_epss":0.22431,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html","https://issues.chromium.org/issues/485935305"],"published_time":"2026-03-20T02:16:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4441","summary":"Use after free in Base in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00109,"ranking_epss":0.29228,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html","https://issues.chromium.org/issues/489381399"],"published_time":"2026-03-20T02:16:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4442","summary":"Heap buffer overflow in CSS in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00074,"ranking_epss":0.22278,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html","https://issues.chromium.org/issues/484751092"],"published_time":"2026-03-20T02:16:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-4443","summary":"Heap buffer overflow in WebAudio in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00075,"ranking_epss":0.22619,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html","https://issues.chromium.org/issues/485292589"],"published_time":"2026-03-20T02:16:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-32016","summary":"OpenClaw versions prior to 2026.2.22 on macOS contain a path validation bypass vulnerability in the exec-approval allowlist mode that allows local attackers to execute unauthorized binaries by exploiting basename-only allowlist entries. Attackers can execute same-name local binaries ./echo without approval when security=allowlist and ask=on-miss are configured, bypassing intended path-based policy restrictions.","cvss":7.3,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":7.3,"epss":0.00013,"ranking_epss":0.0213,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/openclaw/openclaw/commit/dd41fadcaf58fd9deb963d6e163c56161e7b35dd","https://github.com/openclaw/openclaw/security/advisories/GHSA-7f4q-9rqh-x36p","https://www.vulncheck.com/advisories/openclaw-path-traversal-via-basename-only-allowlist-matching-on-macos"],"published_time":"2026-03-19T22:16:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20643","summary":"A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS, iPadOS, and macOS, Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may bypass Same Origin Policy.","cvss":5.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.4,"cvss_v4":null,"epss":0.00037,"ranking_epss":0.10783,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126604","https://support.apple.com/en-us/126792","https://support.apple.com/en-us/126793","https://support.apple.com/en-us/126794","https://support.apple.com/en-us/126799","https://support.apple.com/en-us/126800","http://seclists.org/fulldisclosure/2026/Mar/10"],"published_time":"2026-03-17T23:16:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3909","summary":"Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00288,"ranking_epss":0.52319,"kev":true,"propose_action":"Google Skia contains an out-of-bounds write vulnerability that could allow a remote attacker to perform out of bounds memory access via a crafted HTML page. This vulnerability affects Google Chrome and ChromeOS, Android, Flutter, and possibly other products.","ransomware_campaign":"Unknown","references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_13.html","https://issues.chromium.org/issues/491421267","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-3909"],"published_time":"2026-03-13T19:55:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3910","summary":"Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00665,"ranking_epss":0.71267,"kev":true,"propose_action":"Google Chromium V8 contains an improper restriction of operations within the bounds of a memory buffer vulnerability that could allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.","ransomware_campaign":"Unknown","references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_12.html","https://issues.chromium.org/issues/491410818","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-3910"],"published_time":"2026-03-13T19:55:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-43010","summary":"The issue was addressed with improved memory handling. This issue is fixed in iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2, Safari 17.2, iOS 16.7.15 and iPadOS 16.7.15, iOS 15.8.7 and iPadOS 15.8.7. Processing maliciously crafted web content may lead to memory corruption.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.0005,"ranking_epss":0.15537,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/120300","https://support.apple.com/en-us/120877","https://support.apple.com/en-us/120879","https://support.apple.com/en-us/126632","https://support.apple.com/en-us/126646","http://seclists.org/fulldisclosure/2026/Mar/1"],"published_time":"2026-03-12T01:15:54","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3934","summary":"Insufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07652,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/478783560"],"published_time":"2026-03-11T22:16:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3935","summary":"Incorrect security UI in WebAppInstalls in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00028,"ranking_epss":0.07968,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/479326680"],"published_time":"2026-03-11T22:16:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3936","summary":"Use after free in WebView in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00118,"ranking_epss":0.30677,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/481920229"],"published_time":"2026-03-11T22:16:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3937","summary":"Incorrect security UI in Downloads in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08682,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/473118648"],"published_time":"2026-03-11T22:16:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3938","summary":"Insufficient policy enforcement in Clipboard in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00035,"ranking_epss":0.10214,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/474763968"],"published_time":"2026-03-11T22:16:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3939","summary":"Insufficient policy enforcement in PDF in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted PDF file. (Chromium security severity: Low)","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07652,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/40058077"],"published_time":"2026-03-11T22:16:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3940","summary":"Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07652,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/470574526"],"published_time":"2026-03-11T22:16:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3941","summary":"Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00037,"ranking_epss":0.10814,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/474670215"],"published_time":"2026-03-11T22:16:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3942","summary":"Incorrect security UI in PictureInPicture in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08682,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/475238879"],"published_time":"2026-03-11T22:16:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3925","summary":"Incorrect security UI in LookalikeChecks in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00026,"ranking_epss":0.07195,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/418214610"],"published_time":"2026-03-11T22:16:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3926","summary":"Out of bounds read in V8 in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00094,"ranking_epss":0.26219,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/478659010"],"published_time":"2026-03-11T22:16:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3927","summary":"Incorrect security UI in PictureInPicture in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08682,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/474948986"],"published_time":"2026-03-11T22:16:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3928","summary":"Insufficient policy enforcement in Extensions in Google Chrome prior to 146.0.7680.71 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Medium)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03549,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/435980394"],"published_time":"2026-03-11T22:16:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3929","summary":"Side-channel information leakage in ResourceTiming in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)","cvss":3.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.1,"cvss_v4":null,"epss":0.00034,"ranking_epss":0.09951,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/477180001"],"published_time":"2026-03-11T22:16:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3930","summary":"Unsafe navigation in Navigation in Google Chrome on iOS prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07652,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/476898368"],"published_time":"2026-03-11T22:16:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3931","summary":"Heap buffer overflow in Skia in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00086,"ranking_epss":0.2482,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/417599694"],"published_time":"2026-03-11T22:16:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3932","summary":"Insufficient policy enforcement in PDF in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07652,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/478296121"],"published_time":"2026-03-11T22:16:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3917","summary":"Use after free in Agents in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00128,"ranking_epss":0.32184,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/483569512"],"published_time":"2026-03-11T22:16:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3918","summary":"Use after free in WebMCP in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00118,"ranking_epss":0.30677,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/483853103"],"published_time":"2026-03-11T22:16:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3919","summary":"Use after free in Extensions in Google Chrome prior to 146.0.7680.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00034,"ranking_epss":0.09955,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/444176961"],"published_time":"2026-03-11T22:16:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3920","summary":"Out of bounds memory access in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00087,"ranking_epss":0.24923,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/482875307"],"published_time":"2026-03-11T22:16:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3921","summary":"Use after free in TextEncoding in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00128,"ranking_epss":0.32184,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/484946544"],"published_time":"2026-03-11T22:16:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3922","summary":"Use after free in MediaStream in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00128,"ranking_epss":0.32184,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/485397139"],"published_time":"2026-03-11T22:16:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3923","summary":"Use after free in WebMIDI in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00118,"ranking_epss":0.30677,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/485935314"],"published_time":"2026-03-11T22:16:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3924","summary":"use after free in WindowDialog in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00128,"ranking_epss":0.32184,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/487338366"],"published_time":"2026-03-11T22:16:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3913","summary":"Heap buffer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00079,"ranking_epss":0.23482,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/483445078"],"published_time":"2026-03-11T22:16:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3914","summary":"Integer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00087,"ranking_epss":0.24923,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/481776048"],"published_time":"2026-03-11T22:16:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3915","summary":"Heap buffer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00079,"ranking_epss":0.23482,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/483971526"],"published_time":"2026-03-11T22:16:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3916","summary":"Out of bounds read in Web Speech in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)","cvss":9.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.6,"cvss_v4":null,"epss":0.00087,"ranking_epss":0.24923,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/482828615"],"published_time":"2026-03-11T22:16:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-27221","summary":"Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by an Improper Certificate Validation vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to spoof the identity of a signer. Exploitation of this issue requires user interaction.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.07005,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/acrobat/apsb26-26.html"],"published_time":"2026-03-10T22:16:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-27278","summary":"Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00039,"ranking_epss":0.11463,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/acrobat/apsb26-26.html"],"published_time":"2026-03-10T22:16:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-27220","summary":"Acrobat Reader versions 24.001.30307, 24.001.30308, 25.001.21265 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00039,"ranking_epss":0.11463,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/acrobat/apsb26-26.html"],"published_time":"2026-03-10T22:16:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-2713","summary":"IBM Trusteer Rapport installer 3.5.2309.290 IBM Trusteer Rapport could allow a local attacker to execute arbitrary code on the system, caused by DLL uncontrolled search path element vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system.","cvss":7.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.4,"cvss_v4":null,"epss":0.00017,"ranking_epss":0.03903,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://www.ibm.com/support/pages/node/7263031"],"published_time":"2026-03-10T20:16:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-27279","summary":"Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00037,"ranking_epss":0.10827,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/substance3d_stager/apsb26-29.html"],"published_time":"2026-03-10T19:17:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-27273","summary":"Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00037,"ranking_epss":0.10827,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/substance3d_stager/apsb26-29.html"],"published_time":"2026-03-10T19:17:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-27274","summary":"Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00037,"ranking_epss":0.10827,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/substance3d_stager/apsb26-29.html"],"published_time":"2026-03-10T19:17:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-27275","summary":"Substance3D - Stager versions 3.1.7 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00037,"ranking_epss":0.10827,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/substance3d_stager/apsb26-29.html"],"published_time":"2026-03-10T19:17:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-27276","summary":"Substance3D - Stager versions 3.1.7 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00039,"ranking_epss":0.11463,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/substance3d_stager/apsb26-29.html"],"published_time":"2026-03-10T19:17:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-27277","summary":"Substance3D - Stager versions 3.1.7 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00039,"ranking_epss":0.11463,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/substance3d_stager/apsb26-29.html"],"published_time":"2026-03-10T19:17:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-27269","summary":"Premiere Pro versions 25.5 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08208,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/premiere_pro/apsb26-28.html"],"published_time":"2026-03-10T19:17:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-26127","summary":"Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00115,"ranking_epss":0.30072,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26127"],"published_time":"2026-03-10T18:18:41","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-28727","summary":"Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 (macOS) before build 41186, Acronis Cyber Protect Cloud Agent (macOS) before build 41124, Acronis True Image (macOS) before build 42902.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02381,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://security-advisory.acronis.com/advisories/SEC-9408"],"published_time":"2026-03-06T00:16:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-30413","summary":"Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40497, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186.","cvss":4.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.4,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.03041,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://security-advisory.acronis.com/SEC-9386","https://security-advisory.acronis.com/advisories/SEC-8658"],"published_time":"2026-03-06T00:16:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-11790","summary":"Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 41124.","cvss":4.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.4,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03665,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://security-advisory.acronis.com/SEC-8658","https://security-advisory.acronis.com/advisories/SEC-9386"],"published_time":"2026-03-06T00:16:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-11791","summary":"Sensitive information disclosure and manipulation due to insufficient authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186, Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 41124.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02836,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://security-advisory.acronis.com/advisories/SEC-9405"],"published_time":"2026-03-06T00:16:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-30796","summary":"Cleartext Transmission of Sensitive Information vulnerability in rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro on Windows, MacOS, Linux (Address book sync API modules) allows Sniffing Attacks. This vulnerability is associated with program files Closed source — API endpoint handling heartbeat sync and program routines Heartbeat API handler (accepts preset-address-book-password in plaintext).\n\nThis issue affects RustDesk Server Pro: through 1.7.5.","cvss":8.7,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":8.7,"epss":0.00023,"ranking_epss":0.06201,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub","https://rustdesk.com/docs/en/","https://www.vulsec.org/"],"published_time":"2026-03-05T16:16:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-30797","summary":"Missing Authorization vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Flutter URI scheme handler, config import modules) allows Application API Message Manipulation via Man-in-the-Middle. This vulnerability is associated with program files flutter/lib/common.Dart and program routines importConfig() via URI handler.\n\nThis issue affects RustDesk Client: through 1.4.5.","cvss":9.3,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":9.3,"epss":0.00061,"ranking_epss":0.19089,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub","https://rustdesk.com/docs/en/client/","https://www.vulsec.org/"],"published_time":"2026-03-05T16:16:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-30798","summary":"Insufficient Verification of Data Authenticity, Improper Handling of Exceptional Conditions vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Heartbeat sync loop, strategy processing modules) allows Protocol Manipulation. This vulnerability is associated with program files src/hbbs_http/sync.Rs and program routines stop-service handler in heartbeat loop.\n\nThis issue affects RustDesk Client: through 1.4.5.","cvss":8.2,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":8.2,"epss":0.00031,"ranking_epss":0.08798,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub","https://rustdesk.com/docs/en/client/","https://www.vulsec.org/"],"published_time":"2026-03-05T16:16:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-30793","summary":"Cross-Site Request Forgery (CSRF) vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Flutter URI scheme handler, FFI bridge modules) allows Privilege Escalation. This vulnerability is associated with program files flutter/lib/common.Dart, src/flutter_ffi.Rs and program routines URI handler for rustdesk://password/, bind.MainSetPermanentPassword().\n\nThis issue affects RustDesk Client: through 1.4.5.","cvss":9.3,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":9.3,"epss":0.00038,"ranking_epss":0.11413,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub","https://github.com/rustdesk/hbb_common","https://github.com/rustdesk/rustdesk","https://www.vulsec.org/"],"published_time":"2026-03-05T16:16:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-30794","summary":"Improper Certificate Validation vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (HTTP API client, TLS transport modules) allows Adversary in the Middle (AiTM). This vulnerability is associated with program files src/hbbs_http/http_client.Rs and program routines TLS retry with danger_accept_invalid_certs(true).\n\nThis issue affects RustDesk Client: through 1.4.5.","cvss":9.1,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":9.1,"epss":0.00041,"ranking_epss":0.12346,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub","https://github.com/rustdesk/rustdesk","https://www.vulsec.org/"],"published_time":"2026-03-05T16:16:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-30795","summary":"Cleartext Transmission of Sensitive Information vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Heartbeat sync loop modules) allows Sniffing Attacks. This vulnerability is associated with program files src/hbbs_http/sync.Rs and program routines Heartbeat JSON payload construction (preset-address-book-password).\n\nThis issue affects RustDesk Client: through 1.4.5.","cvss":8.7,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":8.7,"epss":0.00022,"ranking_epss":0.059,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub","https://github.com/rustdesk/rustdesk","https://www.vulsec.org/"],"published_time":"2026-03-05T16:16:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-30785","summary":"Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution'), Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk, hbb_common on Windows, MacOS, Linux (Password security module, config encryption, machine UID modules) allows Retrieve Embedded Sensitive Data. This vulnerability is associated with program files hbb_common/src/password_security.Rs, hbb_common/src/config.Rs, hbb_common/src/lib.Rs (get_uuid), machine-uid/src/lib.Rs and program routines symmetric_crypt(), encrypt_str_or_original(), decrypt_str_or_original(), get_uuid(), get_machine_id().\n\nThis issue affects RustDesk Client: through 1.4.5.","cvss":8.2,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":8.2,"epss":5e-05,"ranking_epss":0.00256,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub","https://github.com/rustdesk/rustdesk/discussions/4979","https://github.com/rustdesk/rustdesk/discussions/9229","https://www.vulsec.org/"],"published_time":"2026-03-05T16:16:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-30789","summary":"Authentication Bypass by Capture-replay, Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android (Client login, peer authentication modules) allows Reusing Session IDs (aka Session Replay). This vulnerability is associated with program files src/client.Rs and program routines hash_password(), login proof construction.\n\nThis issue affects RustDesk Client: through 1.4.5.","cvss":9.3,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":9.3,"epss":0.00166,"ranking_epss":0.37732,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub","https://rustdesk.com/docs/en/client/","https://www.vulsec.org/"],"published_time":"2026-03-05T16:16:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-30790","summary":"Improper Restriction of Excessive Authentication Attempts, Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro on Windows, MacOS, Linux (Peer authentication, API login modules), rustdesk-server RustDesk Server (OSS) rustdesk-server on Windows, MacOS, Linux (Peer authentication, API login modules) allows Password Brute Forcing. This vulnerability is associated with program files src/server/connection.Rs and program routines Salt/challenge generation, SHA256(SHA256(pwd+salt)+challenge) verification.\n\nThis issue affects RustDesk Server Pro: through 1.7.5; RustDesk Server (OSS): through 1.1.15.","cvss":9.3,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":9.3,"epss":0.00151,"ranking_epss":0.35741,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub","https://github.com/rustdesk","https://www.vulsec.org/"],"published_time":"2026-03-05T16:16:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-30792","summary":"A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Strategy sync, HTTP API client, config options engine modules) allows Application API Message Manipulation via Man-in-the-Middle. This vulnerability is associated with program files src/hbbs_http/sync.Rs, hbb_common/src/config.Rs and program routines Strategy merge loop in sync.Rs, Config::set_options().\n\nThis issue affects RustDesk Client: through 1.4.5.","cvss":9.1,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":9.1,"epss":0.00067,"ranking_epss":0.20577,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub","https://rustdesk.com/docs/en/self-host/client-configuration/advanced-settings/","https://www.vulsec.org/"],"published_time":"2026-03-05T16:16:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-30783","summary":"A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Client signaling, API sync loop, config management modules) allows Privilege Abuse. This vulnerability is associated with program files src/rendezvous_mediator.Rs, src/hbbs_http/sync.Rs and program routines API sync loop, api-server config handling.\n\nThis issue affects RustDesk Client: through 1.4.5.","cvss":8.8,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":8.8,"epss":0.00133,"ranking_epss":0.32854,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub","https://rustdesk.com/docs/en/client/","https://www.vulsec.org/"],"published_time":"2026-03-05T16:16:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3598","summary":"Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-server-pro RustDesk Server Pro rustdesk-server-pro on Windows, MacOS, Linux (Config string generation, web console export modules) allows Retrieve Embedded Sensitive Data. This vulnerability is associated with program routines Config export/generation routines.\n\nThis issue affects RustDesk Server Pro: through 1.7.5.","cvss":8.7,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":8.7,"epss":0.00023,"ranking_epss":0.06116,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub","https://rustdesk.com/docs/en/client/","https://www.vulsec.org/"],"published_time":"2026-03-05T15:16:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-30791","summary":"Use of a Broken or Risky Cryptographic Algorithm vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS, Android, WebClient (Config import, URI scheme handler, CLI --config modules) allows Retrieve Embedded Sensitive Data. This vulnerability is associated with program files flutter/lib/common.Dart, hbb_common/src/config.Rs and program routines parseRustdeskUri(), importConfig().\n\nThis issue affects RustDesk Client: through 1.4.5.","cvss":8.7,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":8.7,"epss":0.00023,"ranking_epss":0.06116,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://docs.google.com/document/d/e/2PACX-1vSds6jjpd38oO_yIAyd1HYtKNUuea-I-ozAPpGhYI7QgAU-QGJ7D8a4rOZVj1vmiUXV1EcdRHf9aZAW/pub","https://rustdesk.com/docs/en/client/","https://www.vulsec.org/"],"published_time":"2026-03-05T15:16:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3540","summary":"Inappropriate implementation in WebAudio in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00081,"ranking_epss":0.23782,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/484088917"],"published_time":"2026-03-04T20:16:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3541","summary":"Inappropriate implementation in CSS in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00085,"ranking_epss":0.24627,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/484811719"],"published_time":"2026-03-04T20:16:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3542","summary":"Inappropriate implementation in WebAssembly in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00078,"ranking_epss":0.23295,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/485152421"],"published_time":"2026-03-04T20:16:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3543","summary":"Inappropriate implementation in V8 in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00085,"ranking_epss":0.24627,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/485267831"],"published_time":"2026-03-04T20:16:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3544","summary":"Heap buffer overflow in WebCodecs in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00093,"ranking_epss":0.25974,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/485683110"],"published_time":"2026-03-04T20:16:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3545","summary":"Insufficient data validation in Navigation in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)","cvss":9.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.6,"cvss_v4":null,"epss":0.00127,"ranking_epss":0.3202,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/487383169"],"published_time":"2026-03-04T20:16:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3536","summary":"Integer overflow in ANGLE in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00088,"ranking_epss":0.25063,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/485622239"],"published_time":"2026-03-04T20:16:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3537","summary":"Object lifecycle issue in PowerVR in Google Chrome on Android prior to 145.0.7632.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00089,"ranking_epss":0.25289,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/474266014"],"published_time":"2026-03-04T20:16:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3538","summary":"Integer overflow in Skia in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00088,"ranking_epss":0.25063,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/484983991"],"published_time":"2026-03-04T20:16:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3539","summary":"Object lifecycle issue in DevTools in Google Chrome prior to 145.0.7632.159 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":9e-05,"ranking_epss":0.008,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/483853098"],"published_time":"2026-03-04T20:16:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3102","summary":"A vulnerability was determined in exiftool up to 13.49 on macOS. This issue affects the function SetMacOSTags of the file lib/Image/ExifTool/MacOS.pm of the component PNG File Parser. This manipulation of the argument DateTimeOriginal causes os command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized. Upgrading to version 13.50 is capable of addressing this issue. Patch name: e9609a9bcc0d32bd252a709a562fb822d6dd86f7. Upgrading the affected component is recommended.","cvss":5.3,"cvss_version":4.0,"cvss_v2":7.5,"cvss_v3":6.3,"cvss_v4":5.3,"epss":0.00226,"ranking_epss":0.45454,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/exiftool/exiftool/","https://github.com/exiftool/exiftool/commit/e9609a9bcc0d32bd252a709a562fb822d6dd86f7","https://github.com/exiftool/exiftool/releases/tag/13.50","https://vuldb.com/?ctiid.347528","https://vuldb.com/?id.347528","https://vuldb.com/?submit.758146","https://www.youtube.com/watch?v=akk0vmilfb4"],"published_time":"2026-02-24T15:21:41","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3063","summary":"Inappropriate implementation in DevTools in Google Chrome prior to 145.0.7632.116 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via DevTools. (Chromium security severity: High)","cvss":5.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.4,"cvss_v4":null,"epss":6e-05,"ranking_epss":0.00402,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_23.html","https://issues.chromium.org/issues/485287859"],"published_time":"2026-02-23T23:16:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3061","summary":"Out of bounds read in Media in Google Chrome prior to 145.0.7632.116 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)","cvss":9.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.1,"cvss_v4":null,"epss":0.0003,"ranking_epss":0.0851,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_23.html","https://issues.chromium.org/issues/482862710"],"published_time":"2026-02-23T23:16:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-3062","summary":"Out of bounds read and write in Tint in Google Chrome on Mac prior to 145.0.7632.116 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.0003,"ranking_epss":0.0851,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_23.html","https://issues.chromium.org/issues/483751167"],"published_time":"2026-02-23T23:16:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-27487","summary":"OpenClaw is a personal AI assistant. In versions 2026.2.13 and below, when using macOS, the Claude CLI keychain credential refresh path constructed a shell command to write the updated JSON blob into Keychain via security add-generic-password -w .... Because OAuth tokens are user-controlled data, this created an OS command injection risk. This issue has been fixed in version 2026.2.14.","cvss":7.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.6,"cvss_v4":null,"epss":0.00077,"ranking_epss":0.2293,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/openclaw/openclaw/commit/66d7178f2d6f9d60abad35797f97f3e61389b70c","https://github.com/openclaw/openclaw/commit/9dce3d8bf83f13c067bc3c32291643d2f1f10a06","https://github.com/openclaw/openclaw/commit/b908388245764fb3586859f44d1dff5372b19caf","https://github.com/openclaw/openclaw/pull/15924","https://github.com/openclaw/openclaw/releases/tag/v2026.2.14","https://github.com/openclaw/openclaw/security/advisories/GHSA-4564-pvr2-qq4h"],"published_time":"2026-02-21T10:16:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-26320","summary":"OpenClaw is a personal AI assistant. OpenClaw macOS desktop client registers the `openclaw://` URL scheme. For `openclaw://agent` deep links without an unattended `key`, the app shows a confirmation dialog that previously displayed only the first 240 characters of the message, but executed the full message after the user clicked \"Run.\" At the time of writing, the OpenClaw macOS desktop client is still in beta. In versions 2026.2.6 through 2026.2.13, an attacker could pad the message with whitespace to push a malicious payload outside the visible preview, increasing the chance a user approves a different message than the one that is actually executed. If a user runs the deep link, the agent may perform actions that can lead to arbitrary command execution depending on the user's configured tool approvals/allowlists. This is a social-engineering mediated vulnerability: the confirmation prompt could be made to misrepresent the executed message. The issue is fixed in 2026.2.14. Other mitigations include not approve unexpected \"Run OpenClaw agent?\" prompts triggered while browsing untrusted sites and usingunattended deep links only with a valid `key` for trusted personal automations.","cvss":7.1,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":7.1,"epss":0.00028,"ranking_epss":0.0798,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/openclaw/openclaw/commit/28d9dd7a772501ccc3f71457b4adfee79084fe6f","https://github.com/openclaw/openclaw/releases/tag/v2026.2.14","https://github.com/openclaw/openclaw/security/advisories/GHSA-7q2j-c4q5-rm27"],"published_time":"2026-02-19T23:16:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-2441","summary":"Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00354,"ranking_epss":0.57801,"kev":true,"propose_action":"Google Chromium CSS contains a use-after-free vulnerability that could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.","ransomware_campaign":"Unknown","references":["https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_13.html","https://issues.chromium.org/issues/483569511","https://github.com/huseyinstif/CVE-2026-2441-PoC/blob/main/poc.html","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-2441"],"published_time":"2026-02-13T19:17:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20677","summary":"A race condition was addressed with improved handling of symbolic links. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. A shortcut may be able to bypass sandbox restrictions.","cvss":9.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.0,"cvss_v4":null,"epss":0.00074,"ranking_epss":0.22394,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126350","https://support.apple.com/en-us/126353"],"published_time":"2026-02-11T23:16:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20680","summary":"The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. A sandboxed app may be able to access sensitive user data.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02672,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350"],"published_time":"2026-02-11T23:16:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20681","summary":"A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Tahoe 26.3. An app may be able to access information about a user's contacts.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.03206,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348"],"published_time":"2026-02-11T23:16:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20700","summary":"A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 and CVE-2025-43529 were also issued in response to this report.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00352,"ranking_epss":0.57661,"kev":true,"propose_action":"Apple iOS, macOS, tvOS, watchOS, and visionOS contain an improper restriction of operations within the bounds of a memory buffer vulnerability that could allow an attacker with memory write the capability to execute arbitrary code.","ransomware_campaign":"Unknown","references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126351","https://support.apple.com/en-us/126352","https://support.apple.com/en-us/126353","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20700"],"published_time":"2026-02-11T23:16:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20666","summary":"An authorization issue was addressed with improved state management. This issue is fixed in macOS Tahoe 26.3. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02932,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348"],"published_time":"2026-02-11T23:16:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20667","summary":"A logic issue was addressed with improved checks. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, watchOS 26.3. An app may be able to break out of its sandbox.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.04683,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350","https://support.apple.com/en-us/126352"],"published_time":"2026-02-11T23:16:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20669","summary":"A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Tahoe 26.3. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.0265,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348"],"published_time":"2026-02-11T23:16:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20671","summary":"A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker in a privileged network position may be able to intercept network traffic.","cvss":3.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.1,"cvss_v4":null,"epss":0.00017,"ranking_epss":0.04205,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350","https://support.apple.com/en-us/126351","https://support.apple.com/en-us/126352","https://support.apple.com/en-us/126353"],"published_time":"2026-02-11T23:16:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20673","summary":"A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. Turning off \"Load remote content in messages” may not apply to all mail previews.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02884,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350"],"published_time":"2026-02-11T23:16:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20675","summary":"The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. Processing a maliciously crafted image may lead to disclosure of user information.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01752,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350","https://support.apple.com/en-us/126351","https://support.apple.com/en-us/126352","https://support.apple.com/en-us/126353","https://www.zerodayinitiative.com/advisories/ZDI-26-174/"],"published_time":"2026-02-11T23:16:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20676","summary":"This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extensions.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00036,"ranking_epss":0.10572,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126353","https://support.apple.com/en-us/126354"],"published_time":"2026-02-11T23:16:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20652","summary":"The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A remote attacker may be able to cause a denial-of-service.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00168,"ranking_epss":0.37972,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126353","https://support.apple.com/en-us/126354"],"published_time":"2026-02-11T23:16:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20653","summary":"A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02112,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350","https://support.apple.com/en-us/126353"],"published_time":"2026-02-11T23:16:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20654","summary":"The issue was addressed with improved memory handling. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An app may be able to cause unexpected system termination.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02432,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126351","https://support.apple.com/en-us/126352","https://support.apple.com/en-us/126353"],"published_time":"2026-02-11T23:16:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20656","summary":"A logic issue was addressed with improved validation. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26.3. An app may be able to access a user's Safari history.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01645,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126354"],"published_time":"2026-02-11T23:16:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20658","summary":"A package validation issue was addressed by blocking the vulnerable package. This issue is fixed in macOS Tahoe 26.3. An app may be able to gain root privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00017,"ranking_epss":0.03991,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348"],"published_time":"2026-02-11T23:16:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20660","summary":"A path handling issue was addressed with improved logic. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. A remote user may be able to write arbitrary files.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00019,"ranking_epss":0.05091,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126350","https://support.apple.com/en-us/126353","https://support.apple.com/en-us/126354","https://support.apple.com/en-us/126795"],"published_time":"2026-02-11T23:16:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20662","summary":"An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3. An attacker with physical access to a locked device may be able to view sensitive user information.","cvss":4.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.6,"cvss_v4":null,"epss":0.00019,"ranking_epss":0.05062,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126349"],"published_time":"2026-02-11T23:16:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20641","summary":"A privacy issue was addressed with improved checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An app may be able to identify what other apps a user has installed.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02228,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350","https://support.apple.com/en-us/126351","https://support.apple.com/en-us/126352","https://support.apple.com/en-us/126353"],"published_time":"2026-02-11T23:16:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20644","summary":"The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00044,"ranking_epss":0.1347,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126353","https://support.apple.com/en-us/126354"],"published_time":"2026-02-11T23:16:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20646","summary":"A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26.3. A malicious app may be able to read sensitive location information.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.03206,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348"],"published_time":"2026-02-11T23:16:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20647","summary":"This issue was addressed with improved data protection. This issue is fixed in macOS Tahoe 26.3. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02951,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348"],"published_time":"2026-02-11T23:16:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20648","summary":"A privacy issue was addressed by moving sensitive data to a protected location. This issue is fixed in macOS Tahoe 26.3. A malicious app may be able to access notifications from other iCloud devices.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02951,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348"],"published_time":"2026-02-11T23:16:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20649","summary":"A logging issue was addressed with improved data redaction. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, watchOS 26.3. A user may be able to view sensitive user information.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08128,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126351","https://support.apple.com/en-us/126352"],"published_time":"2026-02-11T23:16:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20650","summary":"A denial-of-service issue was addressed with improved validation. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker in a privileged network position may be able to perform denial-of-service attack using crafted Bluetooth packets.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00067,"ranking_epss":0.20737,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126351","https://support.apple.com/en-us/126352","https://support.apple.com/en-us/126353"],"published_time":"2026-02-11T23:16:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20626","summary":"This issue was addressed with improved checks. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Tahoe 26.3, visionOS 26.3. A malicious app may be able to gain root privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.0204,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126353"],"published_time":"2026-02-11T23:16:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20627","summary":"An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3, watchOS 26.3. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07649,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126350","https://support.apple.com/en-us/126352","https://support.apple.com/en-us/126353"],"published_time":"2026-02-11T23:16:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20628","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An app may be able to break out of its sandbox.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00011,"ranking_epss":0.01282,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350","https://support.apple.com/en-us/126351","https://support.apple.com/en-us/126352","https://support.apple.com/en-us/126353"],"published_time":"2026-02-11T23:16:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20629","summary":"A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Tahoe 26.3. An app may be able to access user-sensitive data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02851,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348"],"published_time":"2026-02-11T23:16:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20630","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.3. An app may be able to access protected user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.0171,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348"],"published_time":"2026-02-11T23:16:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20634","summary":"The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. Processing a maliciously crafted image may result in disclosure of process memory.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02228,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350","https://support.apple.com/en-us/126351","https://support.apple.com/en-us/126352","https://support.apple.com/en-us/126353"],"published_time":"2026-02-11T23:16:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20635","summary":"The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash.","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00049,"ranking_epss":0.15212,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126351","https://support.apple.com/en-us/126352","https://support.apple.com/en-us/126353","https://support.apple.com/en-us/126354"],"published_time":"2026-02-11T23:16:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20636","summary":"The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00041,"ranking_epss":0.12475,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126353","https://support.apple.com/en-us/126354"],"published_time":"2026-02-11T23:16:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20615","summary":"A path handling issue was addressed with improved validation. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. An app may be able to gain root privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08605,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126350","https://support.apple.com/en-us/126353"],"published_time":"2026-02-11T23:16:05","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20616","summary":"An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. Processing a maliciously crafted USD file may lead to unexpected app termination.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00062,"ranking_epss":0.19277,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126350","https://support.apple.com/en-us/126353","https://www.zerodayinitiative.com/advisories/ZDI-26-176/"],"published_time":"2026-02-11T23:16:05","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20617","summary":"A race condition was addressed with improved state handling. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An app may be able to gain root privileges.","cvss":7.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.01959,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126350","https://support.apple.com/en-us/126351","https://support.apple.com/en-us/126352","https://support.apple.com/en-us/126353"],"published_time":"2026-02-11T23:16:05","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20618","summary":"An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Tahoe 26.3. An app may be able to access user-sensitive data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03602,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348"],"published_time":"2026-02-11T23:16:05","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20619","summary":"A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01523,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126349"],"published_time":"2026-02-11T23:16:05","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20620","summary":"An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An attacker may be able to cause unexpected system termination or read kernel memory.","cvss":7.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.7,"cvss_v4":null,"epss":6e-05,"ranking_epss":0.00305,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350"],"published_time":"2026-02-11T23:16:05","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20621","summary":"The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. An app may be able to cause unexpected system termination or corrupt kernel memory.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02447,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350","https://support.apple.com/en-us/126353"],"published_time":"2026-02-11T23:16:05","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20623","summary":"A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Tahoe 26.3. An app may be able to access protected user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.03193,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348"],"published_time":"2026-02-11T23:16:05","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20624","summary":"An injection issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":5e-05,"ranking_epss":0.00207,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350"],"published_time":"2026-02-11T23:16:05","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20625","summary":"A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":4e-05,"ranking_epss":0.00195,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350","https://support.apple.com/en-us/126353"],"published_time":"2026-02-11T23:16:05","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20602","summary":"The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to cause a denial-of-service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02382,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350"],"published_time":"2026-02-11T23:16:04","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20603","summary":"This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Tahoe 26.3. An app with root privileges may be able to access private information.","cvss":4.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.4,"cvss_v4":null,"epss":0.00019,"ranking_epss":0.04832,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348"],"published_time":"2026-02-11T23:16:04","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20605","summary":"The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to crash a system process.","cvss":4.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.6,"cvss_v4":null,"epss":9e-05,"ranking_epss":0.00798,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350"],"published_time":"2026-02-11T23:16:04","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20606","summary":"This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to bypass certain Privacy preferences.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02206,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350"],"published_time":"2026-02-11T23:16:04","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20608","summary":"This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02467,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126353","https://support.apple.com/en-us/126354"],"published_time":"2026-02-11T23:16:04","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20609","summary":"The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents.","cvss":4.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.4,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02475,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350","https://support.apple.com/en-us/126351","https://support.apple.com/en-us/126352","https://support.apple.com/en-us/126353"],"published_time":"2026-02-11T23:16:04","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20610","summary":"This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Tahoe 26.3. An app may be able to gain root privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02303,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348"],"published_time":"2026-02-11T23:16:04","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20611","summary":"An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01815,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126346","https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350","https://support.apple.com/en-us/126351","https://support.apple.com/en-us/126352","https://support.apple.com/en-us/126353","https://www.zerodayinitiative.com/advisories/ZDI-26-173/"],"published_time":"2026-02-11T23:16:04","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20612","summary":"A privacy issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01675,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350"],"published_time":"2026-02-11T23:16:04","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20614","summary":"A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to gain root privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0003,"ranking_epss":0.08426,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350"],"published_time":"2026-02-11T23:16:04","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46305","summary":"The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. A malicious HID device may cause an unexpected process crash.","cvss":5.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.7,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.0109,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125889","https://support.apple.com/en-us/125890","https://support.apple.com/en-us/125891","https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350"],"published_time":"2026-02-11T23:16:03","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46310","summary":"This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4. An attacker with root privileges may be able to delete protected system files.","cvss":6.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.0,"cvss_v4":null,"epss":5e-05,"ranking_epss":0.00249,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350"],"published_time":"2026-02-11T23:16:03","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-20601","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.3. An app may be able to monitor keystrokes without user permission.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":5e-05,"ranking_epss":0.00245,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126348"],"published_time":"2026-02-11T23:16:03","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43417","summary":"A path handling issue was addressed with improved logic. This issue is fixed in macOS Sonoma 14.8.4, macOS Tahoe 26.2. An app may be able to access user-sensitive data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":4e-05,"ranking_epss":0.00171,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125886","https://support.apple.com/en-us/126350"],"published_time":"2026-02-11T23:16:02","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46290","summary":"A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.2, visionOS 26.2, watchOS 26.2. A remote attacker may be able to cause a denial-of-service.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00104,"ranking_epss":0.28424,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125885","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125890","https://support.apple.com/en-us/125891","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350"],"published_time":"2026-02-11T23:16:02","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46300","summary":"The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. A malicious HID device may cause an unexpected process crash.","cvss":5.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.7,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.0109,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125889","https://support.apple.com/en-us/125890","https://support.apple.com/en-us/125891","https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350"],"published_time":"2026-02-11T23:16:02","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46301","summary":"The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. A malicious HID device may cause an unexpected process crash.","cvss":5.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.7,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.0109,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125889","https://support.apple.com/en-us/125890","https://support.apple.com/en-us/125891","https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350"],"published_time":"2026-02-11T23:16:02","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46302","summary":"The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. A malicious HID device may cause an unexpected process crash.","cvss":5.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.7,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.0109,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125889","https://support.apple.com/en-us/125890","https://support.apple.com/en-us/125891","https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350"],"published_time":"2026-02-11T23:16:02","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46303","summary":"The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. A malicious HID device may cause an unexpected process crash.","cvss":5.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.7,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.0109,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125889","https://support.apple.com/en-us/125890","https://support.apple.com/en-us/125891","https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350"],"published_time":"2026-02-11T23:16:02","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46304","summary":"The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. A malicious HID device may cause an unexpected process crash.","cvss":5.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.7,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.01094,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125889","https://support.apple.com/en-us/125890","https://support.apple.com/en-us/125891","https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350"],"published_time":"2026-02-11T23:16:02","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43403","summary":"An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01624,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350"],"published_time":"2026-02-11T23:16:01","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-2319","summary":"Race in DevTools in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures and install a malicious extension to potentially exploit object corruption via a malicious file. (Chromium security severity: Medium)","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00028,"ranking_epss":0.07872,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/40071155"],"published_time":"2026-02-11T19:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-2320","summary":"Inappropriate implementation in File input in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08682,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/435684924"],"published_time":"2026-02-11T19:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-2321","summary":"Use after free in Ozone in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00128,"ranking_epss":0.32184,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/461877477"],"published_time":"2026-02-11T19:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-2322","summary":"Inappropriate implementation in File input in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)","cvss":5.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.4,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05741,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/470928605"],"published_time":"2026-02-11T19:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-2323","summary":"Inappropriate implementation in Downloads in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.01035,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/467442136"],"published_time":"2026-02-11T19:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-2313","summary":"Use after free in CSS in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.0007,"ranking_epss":0.21488,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/467297219"],"published_time":"2026-02-11T19:15:51","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-2314","summary":"Heap buffer overflow in Codecs in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00047,"ranking_epss":0.14475,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/478560268"],"published_time":"2026-02-11T19:15:51","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-2315","summary":"Inappropriate implementation in WebGPU in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00032,"ranking_epss":0.09067,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/479242793"],"published_time":"2026-02-11T19:15:51","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-2316","summary":"Insufficient policy enforcement in Frames in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08001,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/422531206"],"published_time":"2026-02-11T19:15:51","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-2317","summary":"Inappropriate implementation in Animation in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.04422,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/464173573"],"published_time":"2026-02-11T19:15:51","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-2318","summary":"Inappropriate implementation in PictureInPicture in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08682,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/363930141"],"published_time":"2026-02-11T19:15:51","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21344","summary":"Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08208,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/substance3d_stager/apsb26-20.html"],"published_time":"2026-02-10T19:15:57","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21345","summary":"Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08208,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/substance3d_stager/apsb26-20.html"],"published_time":"2026-02-10T19:15:57","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21346","summary":"Bridge versions 15.1.3, 16.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00037,"ranking_epss":0.10827,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/bridge/apsb26-21.html"],"published_time":"2026-02-10T19:15:57","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21347","summary":"Bridge versions 15.1.3, 16.0.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08208,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/bridge/apsb26-21.html"],"published_time":"2026-02-10T19:15:57","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21342","summary":"Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01637,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/substance3d_stager/apsb26-20.html"],"published_time":"2026-02-10T19:15:56","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21343","summary":"Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08208,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/substance3d_stager/apsb26-20.html"],"published_time":"2026-02-10T19:15:56","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21341","summary":"Substance3D - Stager versions 3.1.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00037,"ranking_epss":0.10827,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/substance3d_stager/apsb26-20.html"],"published_time":"2026-02-10T19:15:55","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21350","summary":"After Effects versions 25.6 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05618,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/after_effects/apsb26-15.html"],"published_time":"2026-02-10T18:16:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21351","summary":"After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.01912,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/after_effects/apsb26-15.html"],"published_time":"2026-02-10T18:16:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21357","summary":"InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.00998,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb26-17.html"],"published_time":"2026-02-10T18:16:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21358","summary":"InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05618,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb26-17.html"],"published_time":"2026-02-10T18:16:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21332","summary":"InDesign Desktop versions 21.1, 20.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06841,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb26-17.html"],"published_time":"2026-02-10T18:16:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21324","summary":"After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02949,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/after_effects/apsb26-15.html"],"published_time":"2026-02-10T18:16:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21325","summary":"After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02949,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/after_effects/apsb26-15.html"],"published_time":"2026-02-10T18:16:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21326","summary":"After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.01912,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/after_effects/apsb26-15.html"],"published_time":"2026-02-10T18:16:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21327","summary":"After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01637,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/after_effects/apsb26-15.html"],"published_time":"2026-02-10T18:16:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21328","summary":"After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01637,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/after_effects/apsb26-15.html"],"published_time":"2026-02-10T18:16:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21329","summary":"After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.01912,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/after_effects/apsb26-15.html"],"published_time":"2026-02-10T18:16:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21330","summary":"After Effects versions 25.6 and earlier are affected by an Access of Resource Using Incompatible Type ('Type Confusion') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.00998,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/after_effects/apsb26-15.html"],"published_time":"2026-02-10T18:16:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21318","summary":"After Effects versions 25.6 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01637,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/after_effects/apsb26-15.html"],"published_time":"2026-02-10T18:16:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21319","summary":"After Effects versions 25.6 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06841,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/after_effects/apsb26-15.html"],"published_time":"2026-02-10T18:16:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21320","summary":"After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.01912,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/after_effects/apsb26-15.html"],"published_time":"2026-02-10T18:16:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21321","summary":"After Effects versions 25.6 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.00998,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/after_effects/apsb26-15.html"],"published_time":"2026-02-10T18:16:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21322","summary":"After Effects versions 25.6 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02949,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/after_effects/apsb26-15.html"],"published_time":"2026-02-10T18:16:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21323","summary":"After Effects versions 25.6 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.01912,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/after_effects/apsb26-15.html"],"published_time":"2026-02-10T18:16:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21218","summary":"Improper handling of missing special element in .NET allows an unauthorized attacker to perform spoofing over a network.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.13044,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21218"],"published_time":"2026-02-10T18:16:22","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-25157","summary":"OpenClaw is a personal AI assistant. Prior to version 2026.1.29, there is an OS command injection vulnerability via the Project Root Path in sshNodeCommand. The sshNodeCommand function constructed a shell script without properly escaping the user-supplied project path in an error message. When the cd command failed, the unescaped path was interpolated directly into an echo statement, allowing arbitrary command execution on the remote SSH host. The parseSSHTarget function did not validate that SSH target strings could not begin with a dash. An attacker-supplied target like -oProxyCommand=... would be interpreted as an SSH configuration flag rather than a hostname, allowing arbitrary command execution on the local machine. This issue has been patched in version 2026.1.29.","cvss":7.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.7,"cvss_v4":null,"epss":6e-05,"ranking_epss":0.00399,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/openclaw/openclaw/security/advisories/GHSA-q284-4pvr-m585"],"published_time":"2026-02-04T20:16:06","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-1861","summary":"Heap buffer overflow in libvpx in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00034,"ranking_epss":0.09978,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/478942410"],"published_time":"2026-02-03T21:16:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-1862","summary":"Type Confusion in V8 in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00062,"ranking_epss":0.19236,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/479726070","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-1862"],"published_time":"2026-02-03T21:16:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-24070","summary":"During the installation of the Native Access application, a privileged helper `com.native-instruments.NativeAccess.Helper2`, which is used by Native Access to trigger functions via XPC communication like copy-file, remove or set-permissions, is deployed as well. The communication with the XPC service of the privileged helper is only allowed if the client process is signed with the corresponding certificate and fulfills the following code signing requirement:\n\"anchor trusted and certificate leaf[subject.CN] = \\\"Developer ID Application: Native Instruments GmbH (83K5EG6Z9V)\\\"\"\n\nThe Native Access application was found to be signed with the `com.apple.security.cs.allow-dyld-environment-variables` and `com.apple.security.cs.disable-library-validation` entitlements leading to DYLIB injection and therefore command execution in the context of this application. A low privileged user can exploit the DYLIB injection to trigger functions of the privileged helper XPC service resulting in privilege escalation by first deleting the /etc/sudoers file and then copying a malicious version of that file to /etc/sudoers.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":5e-05,"ranking_epss":0.00212,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-in-native-instruments-native-access-macos/"],"published_time":"2026-02-02T14:16:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-24687","summary":"Umbraco Forms is a form builder that integrates with the Umbraco content management system. It's possible for an authenticated backoffice-user to enumerate and traverse paths/files on the systems filesystem and read their contents, on Mac/Linux Umbraco installations using Forms. As Umbraco Cloud runs in a Windows environment, Cloud users aren't affected. This issue affects versions 16 and 17 of Umbraco Forms and is patched in 16.4.1 and 17.1.1. If upgrading is not immediately possible, users can mitigate this vulnerability by configuring a WAF or reverse proxy to block requests containing path traversal sequences (`../`, `..\\`) in the `fileName` parameter of the export endpoint, restricting network access to the Umbraco backoffice to trusted IP ranges, and/or blocking the `/umbraco/forms/api/v1/export` endpoint entirely if the export feature is not required. However, upgrading to the patched version is strongly recommended.","cvss":6.0,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":6.0,"epss":0.00023,"ranking_epss":0.06121,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/umbraco/Umbraco.Forms.Issues/security/advisories/GHSA-hm5p-82g6-m3xh"],"published_time":"2026-01-29T20:16:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46306","summary":"The issue was addressed with improved bounds checks. This issue is fixed in Keynote 15.1, iOS 26 and iPadOS 26, macOS Tahoe 26. Processing a maliciously crafted Keynote file may disclose memory contents.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02486,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125108","https://support.apple.com/en-us/125110","https://support.apple.com/en-us/126254"],"published_time":"2026-01-28T18:16:49","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46316","summary":"An out-of-bounds read was addressed with improved input validation. This issue is fixed in Pages 15.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1. Processing a maliciously crafted Pages document may result in unexpected termination or disclosure of process memory.","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.03124,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125632","https://support.apple.com/en-us/125634","https://support.apple.com/en-us/126255"],"published_time":"2026-01-28T18:16:49","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-0906","summary":"Incorrect security UI  in Google Chrome on Android prior to 144.0.7559.59 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00126,"ranking_epss":0.31948,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html","https://issues.chromium.org/issues/467448811"],"published_time":"2026-01-20T05:16:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-0907","summary":"Incorrect security UI in Split View in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00126,"ranking_epss":0.31948,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html","https://issues.chromium.org/issues/444653104"],"published_time":"2026-01-20T05:16:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-0908","summary":"Use after free in ANGLE in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00047,"ranking_epss":0.14474,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html","https://issues.chromium.org/issues/452209503"],"published_time":"2026-01-20T05:16:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-0901","summary":"Inappropriate implementation in Blink in Google Chrome on Android prior to 144.0.7559.59 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High)","cvss":5.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.4,"cvss_v4":null,"epss":0.00038,"ranking_epss":0.11335,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html","https://issues.chromium.org/issues/40057499"],"published_time":"2026-01-20T05:16:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-0902","summary":"Inappropriate implementation in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00105,"ranking_epss":0.28576,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html","https://issues.chromium.org/issues/469143679"],"published_time":"2026-01-20T05:16:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-0903","summary":"Inappropriate implementation in Downloads in Google Chrome on Windows prior to 144.0.7559.59 allowed a remote attacker to bypass dangerous file type protections via a malicious file. (Chromium security severity: Medium)","cvss":5.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.4,"cvss_v4":null,"epss":0.00038,"ranking_epss":0.11384,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html","https://issues.chromium.org/issues/444803530"],"published_time":"2026-01-20T05:16:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-0904","summary":"Incorrect security UI in Digital Credentials in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Medium)","cvss":5.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.4,"cvss_v4":null,"epss":0.00038,"ranking_epss":0.11335,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html","https://issues.chromium.org/issues/452209495"],"published_time":"2026-01-20T05:16:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-0905","summary":"Insufficient policy enforcement in Network in Google Chrome prior to 144.0.7559.59 allowed an attack who obtained a network log file to potentially obtain potentially sensitive information via a network log file. (Chromium security severity: Medium)","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00032,"ranking_epss":0.09282,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html","https://issues.chromium.org/issues/465466773"],"published_time":"2026-01-20T05:16:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-0900","summary":"Inappropriate implementation in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00035,"ranking_epss":0.10143,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html","https://issues.chromium.org/issues/465730465"],"published_time":"2026-01-20T05:16:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-0899","summary":"Out of bounds memory access in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00035,"ranking_epss":0.10143,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html","https://issues.chromium.org/issues/458914193"],"published_time":"2026-01-20T05:16:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43508","summary":"A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":7e-05,"ranking_epss":0.00519,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634"],"published_time":"2026-01-16T18:16:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-44210","summary":"This issue was addressed with improved permissions checking. This issue is fixed in macOS Sequoia 15.1. An app may be able to access user-sensitive data.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05737,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/121564"],"published_time":"2026-01-16T18:16:05","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-50890","summary":"Owlfiles File Manager 12.0.1 contains a path traversal vulnerability in its built-in HTTP server that allows attackers to access system directories. Attackers can exploit the vulnerability by crafting GET requests with directory traversal sequences to access restricted system directories on the device.","cvss":8.7,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":8.7,"epss":0.00443,"ranking_epss":0.63354,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://apps.apple.com/us/app/owlfiles-file-manager/id510282524","https://www.exploit-db.com/exploits/51036","https://www.skyjos.com/","https://www.vulncheck.com/advisories/owlfiles-file-manager-path-traversal","https://www.exploit-db.com/exploits/51036"],"published_time":"2026-01-13T23:15:50","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-50891","summary":"Owlfiles File Manager 12.0.1 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts through the path parameter in HTTP server endpoints. Attackers can craft URLs targeting the download and list endpoints with embedded script tags to execute arbitrary JavaScript in users' browsers.","cvss":5.1,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":5.0,"cvss_v4":5.1,"epss":0.00061,"ranking_epss":0.19067,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://apps.apple.com/us/app/owlfiles-file-manager/id510282524","https://www.exploit-db.com/exploits/51036","https://www.skyjos.com/","https://www.vulncheck.com/advisories/owlfiles-file-manager-cross-site-scripting-via-http-server","https://www.exploit-db.com/exploits/51036"],"published_time":"2026-01-13T23:15:50","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21287","summary":"Substance3D - Stager versions 3.1.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00045,"ranking_epss":0.13519,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/substance3d_stager/apsb26-09.html"],"published_time":"2026-01-13T20:16:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21283","summary":"Bridge versions 15.1.2, 16.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00034,"ranking_epss":0.09676,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/bridge/apsb26-07.html"],"published_time":"2026-01-13T19:16:26","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21288","summary":"Illustrator versions 29.8.3, 30.0 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00024,"ranking_epss":0.06529,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/illustrator/apsb26-03.html"],"published_time":"2026-01-13T19:16:26","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21304","summary":"InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00034,"ranking_epss":0.09676,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb26-02.html"],"published_time":"2026-01-13T19:16:26","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21275","summary":"InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00034,"ranking_epss":0.09676,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb26-02.html"],"published_time":"2026-01-13T19:16:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21276","summary":"InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00034,"ranking_epss":0.09676,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb26-02.html"],"published_time":"2026-01-13T19:16:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21277","summary":"InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00034,"ranking_epss":0.09676,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb26-02.html"],"published_time":"2026-01-13T19:16:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21278","summary":"InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08064,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb26-02.html"],"published_time":"2026-01-13T19:16:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21280","summary":"Illustrator versions 29.8.3, 30.0 and earlier are affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user. If the application uses a search path to locate critical resources such as programs, an attacker could modify that search path to point to a malicious program, which the targeted application would then execute. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is changed.","cvss":8.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.6,"cvss_v4":null,"epss":0.00034,"ranking_epss":0.09676,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/illustrator/apsb26-03.html"],"published_time":"2026-01-13T19:16:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21281","summary":"InCopy versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00034,"ranking_epss":0.09676,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/incopy/apsb26-04.html"],"published_time":"2026-01-13T19:16:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21267","summary":"Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is changed.","cvss":8.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.6,"cvss_v4":null,"epss":0.00036,"ranking_epss":0.10748,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/dreamweaver/apsb26-01.html"],"published_time":"2026-01-13T19:16:24","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21268","summary":"Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is changed.","cvss":8.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.6,"cvss_v4":null,"epss":0.00067,"ranking_epss":0.20787,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/dreamweaver/apsb26-01.html"],"published_time":"2026-01-13T19:16:24","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21271","summary":"Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is changed.","cvss":8.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.6,"cvss_v4":null,"epss":0.00067,"ranking_epss":0.20787,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/dreamweaver/apsb26-01.html"],"published_time":"2026-01-13T19:16:24","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21272","summary":"Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system write. An attacker could leverage this vulnerability to manipulate or inject malicious data into files on the system. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is changed.","cvss":8.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.6,"cvss_v4":null,"epss":0.00048,"ranking_epss":0.14617,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/dreamweaver/apsb26-01.html"],"published_time":"2026-01-13T19:16:24","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2026-21274","summary":"Dreamweaver Desktop versions 21.6 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could leverage this vulnerability to bypass security measures and execute unauthorized code. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00052,"ranking_epss":0.16213,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/dreamweaver/apsb26-01.html"],"published_time":"2026-01-13T19:16:24","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46297","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.2. An app may be able to access protected files within an App Sandbox container.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.04606,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125886"],"published_time":"2026-01-09T22:15:59","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46298","summary":"The issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00053,"ranking_epss":0.164,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125889","https://support.apple.com/en-us/125890","https://support.apple.com/en-us/125891","https://support.apple.com/en-us/125892"],"published_time":"2026-01-09T22:15:59","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46299","summary":"A memory initialization issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may disclose internal states of the app.","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00023,"ranking_epss":0.06061,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125889","https://support.apple.com/en-us/125890","https://support.apple.com/en-us/125891","https://support.apple.com/en-us/125892"],"published_time":"2026-01-09T22:15:59","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-66723","summary":"inMusic Brands Engine DJ before 4.3.4 suffers from Insecure Permissions due to exposed HTTP service in the Remote Library, which allows attackers to access all files and network paths.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00022,"ranking_epss":0.05939,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/audiopump/cve-2025-66723","https://www.inmusicbrands.com/"],"published_time":"2025-12-30T21:15:44","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-66499","summary":"A heap-based buffer overflow vulnerability exists in the PDF parsing of Foxit PDF Reader when processing specially crafted JBIG2 data. An integer overflow in the calculation of the image buffer size may occur, potentially allowing a remote attacker to execute arbitrary code.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00054,"ranking_epss":0.17046,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://www.foxit.com/support/security-bulletins.html"],"published_time":"2025-12-19T07:16:03","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-66495","summary":"A use-after-free vulnerability exists in the annotation handling of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows and MacOS. When opening a PDF containing specially crafted JavaScript, a pointer to memory that has already been freed may be accessed or dereferenced, potentially allowing a remote attacker to execute arbitrary code.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0006,"ranking_epss":0.1861,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://www.foxit.com/support/security-bulletins.html"],"published_time":"2025-12-19T07:16:02","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-66497","summary":"A memory corruption vulnerability exists in the 3D annotation handling of Foxit PDF Reader due to insufficient bounds checking when parsing PRC data. When opening a PDF file containing malformed or specially crafted PRC content, out-of-bounds memory access may occur, resulting in memory corruption.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.0002,"ranking_epss":0.05265,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://www.foxit.com/support/security-bulletins.html"],"published_time":"2025-12-19T07:16:02","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-64723","summary":"Arduino IDE is an integrated development environment. Prior to version 2.3.7, Arduino IDE for macOS was configured with overly permissive security entitlements that could bypass macOS Hardened Runtime protections. This configuration allows attackers to inject malicious dynamic libraries into the application process, gaining access to all TCC (Transparency, Consent, and Control) permissions granted to the application. The fix is included starting from the `2.3.7 ` release.","cvss":4.8,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":4.4,"cvss_v4":4.8,"epss":0.00012,"ranking_epss":0.01657,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/arduino/arduino-ide/commit/1fa0fd31c8d6b62f19332e33713a8c5b0f4ed6f9","https://github.com/arduino/arduino-ide/pull/2805","https://github.com/arduino/arduino-ide/releases/tag/2.3.7","https://github.com/arduino/arduino-ide/security/advisories/GHSA-vf5j-xhwq-8vqj","https://support.arduino.cc/hc/en-us/articles/24329484618652-ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities"],"published_time":"2025-12-18T16:15:55","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-64724","summary":"Arduino IDE is an integrated development environment. Prior to version 2.3.7, Arduino IDE for macOS is installed with world-writable file permissions on sensitive application components, allowing any local user to replace legitimate files with malicious code. When another user launches the application, the malicious code executes with that user's privileges, enabling privilege escalation and unauthorized access to sensitive data. The fix is included starting from the `2.3.7` release.","cvss":4.8,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":7.3,"cvss_v4":4.8,"epss":0.0001,"ranking_epss":0.01162,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/arduino/arduino-ide/pull/2805/commits/5d282f38496e96dcba02818536c0835bd684ec98","https://github.com/arduino/arduino-ide/releases/tag/2.3.7","https://github.com/arduino/arduino-ide/security/advisories/GHSA-3fvj-pgqw-fgw6","https://support.arduino.cc/hc/en-us/articles/24329484618652-ASEC-25-004-Arduino-IDE-v2-3-7-Resolves-Multiple-Vulnerabilities"],"published_time":"2025-12-18T16:15:55","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46288","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, watchOS 26.2. An app may be able to access sensitive payment tokens.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03395,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125890","https://support.apple.com/en-us/125891"],"published_time":"2025-12-17T21:16:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46291","summary":"A logic issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.2. An app may bypass Gatekeeper checks.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.01027,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125886"],"published_time":"2025-12-17T21:16:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46277","summary":"A logging issue was addressed with improved data redaction. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, watchOS 26.2. An app may be able to access a user’s Safari history.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.04743,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125890"],"published_time":"2025-12-17T21:16:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46278","summary":"The issue was addressed with improved handling of caches. This issue is fixed in macOS Tahoe 26.2. An app may be able to access protected user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00023,"ranking_epss":0.06091,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125886"],"published_time":"2025-12-17T21:16:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46279","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. An app may be able to identify what other apps a user has installed.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07371,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125885","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125889","https://support.apple.com/en-us/125890","https://support.apple.com/en-us/125891"],"published_time":"2025-12-17T21:16:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46281","summary":"A logic issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.2. An app may be able to break out of its sandbox.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00033,"ranking_epss":0.09491,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125886"],"published_time":"2025-12-17T21:16:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46282","summary":"The issue was addressed with additional permissions checks. This issue is fixed in Safari 26.2, macOS Tahoe 26.2. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00019,"ranking_epss":0.04832,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125892"],"published_time":"2025-12-17T21:16:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46283","summary":"A logic issue was addressed with improved validation. This issue is fixed in macOS Sonoma 14.8.4, macOS Tahoe 26.2. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00023,"ranking_epss":0.06091,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125886","https://support.apple.com/en-us/126350"],"published_time":"2025-12-17T21:16:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43533","summary":"The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. A malicious HID device may cause an unexpected process crash.","cvss":5.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.7,"cvss_v4":null,"epss":0.00073,"ranking_epss":0.22223,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125889","https://support.apple.com/en-us/125890","https://support.apple.com/en-us/125891","https://support.apple.com/en-us/126347","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350"],"published_time":"2025-12-17T21:16:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43535","summary":"The issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash.","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00047,"ranking_epss":0.14359,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125885","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125891","https://support.apple.com/en-us/125892"],"published_time":"2025-12-17T21:16:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43536","summary":"A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2. Processing maliciously crafted web content may lead to an unexpected process crash.","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00085,"ranking_epss":0.24551,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125885","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125892"],"published_time":"2025-12-17T21:16:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43541","summary":"A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00053,"ranking_epss":0.16676,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125885","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125891","https://support.apple.com/en-us/125892"],"published_time":"2025-12-17T21:16:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43526","summary":"This issue was addressed with improved URL validation. This issue is fixed in Safari 26.2, macOS Tahoe 26.2. On a Mac with Lockdown Mode enabled, web content opened via a file URL may be able to use Web APIs that should be restricted.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00074,"ranking_epss":0.2233,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125892"],"published_time":"2025-12-17T21:16:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43529","summary":"A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 was also issued in response to this report.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00175,"ranking_epss":0.39005,"kev":true,"propose_action":"Apple iOS, iPadOS, macOS, and other Apple products contain a use-after-free vulnerability in WebKit. Processing maliciously crafted web content may lead to memory corruption. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.","ransomware_campaign":"Unknown","references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125885","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125889","https://support.apple.com/en-us/125890","https://support.apple.com/en-us/125891","https://support.apple.com/en-us/125892","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-43529"],"published_time":"2025-12-17T21:16:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43531","summary":"A race condition was addressed with improved state handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash.","cvss":3.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.1,"cvss_v4":null,"epss":0.00168,"ranking_epss":0.37968,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125885","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125889","https://support.apple.com/en-us/125890","https://support.apple.com/en-us/125891","https://support.apple.com/en-us/125892"],"published_time":"2025-12-17T21:16:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43514","summary":"The issue was addressed with improved handling of caches. This issue is fixed in macOS Tahoe 26.2. An app may be able to access protected user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00023,"ranking_epss":0.06091,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125886"],"published_time":"2025-12-17T21:16:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43501","summary":"A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash.","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00107,"ranking_epss":0.28961,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125885","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125891","https://support.apple.com/en-us/125892"],"published_time":"2025-12-17T21:16:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43428","summary":"A configuration issue was addressed with additional restrictions. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Photos in the Hidden Photos Album may be viewed without authentication.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.0015,"ranking_epss":0.35529,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125891"],"published_time":"2025-12-17T21:16:01","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-46060","summary":"Anaconda3 macOS installers before 2024.06-1 contain a local privilege escalation vulnerability when installed outside the user's home directory. During installation, world-writable files are created and executed with root privileges. This allows a local low-privileged user to inject arbitrary commands, leading to code execution as the root user.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00038,"ranking_epss":0.11214,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://m8sec.dev/blog/privilege-escalation-macos-pkg-installers/","https://www.anaconda.com/docs/getting-started/anaconda/release/2024.x#anaconda-2024-06-1"],"published_time":"2025-12-17T19:16:00","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-46062","summary":"Miniconda3 macOS installers before 23.11.0-1 contain a local privilege escalation vulnerability when installed outside the user's home directory. During installation, world-writable files are created and executed with root privileges. This flaw allows a local low-privileged user to inject arbitrary commands, leading to code execution as the root user.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00038,"ranking_epss":0.11214,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://m8sec.dev/blog/privilege-escalation-macos-pkg-installers/","https://www.anaconda.com/docs/getting-started/miniconda/release/23.x#miniconda-23-11-0-1"],"published_time":"2025-12-17T19:16:00","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-14765","summary":"Use after free in WebGPU in Google Chrome prior to 143.0.7499.147 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.0018,"ranking_epss":0.39629,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_16.html","https://issues.chromium.org/issues/448294721"],"published_time":"2025-12-16T23:15:44","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-14766","summary":"Out of bounds read and write in V8 in Google Chrome prior to 143.0.7499.147 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00144,"ranking_epss":0.34703,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_16.html","https://issues.chromium.org/issues/466786677"],"published_time":"2025-12-16T23:15:44","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-14714","summary":"An Authentication Bypass vulnerability existed where the application bundled an interpreter (Python) that inherits the Transparency, Consent, and Control (TCC) permissions granted by the user to the main application bundle\n\n\n\n\nBy executing the bundled interpreter directly the attacker's scripts run with the application's TCC privileges\n\n\n\n\nIn fixed versions parent-constraints are used to allow only the main application to launch interpreter with those permissions\n\nThis issue affects LibreOffice on macOS: from 25.2 before < 25.2.4.","cvss":0.9,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":0.9,"epss":0.00034,"ranking_epss":0.10004,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://www.libreoffice.org/about-us/security/advisories/cve-2025-14714"],"published_time":"2025-12-15T11:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46289","summary":"A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to access protected user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00019,"ranking_epss":0.04974,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125887","https://support.apple.com/en-us/125888"],"published_time":"2025-12-12T21:15:58","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43522","summary":"A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Tahoe 26.2. An app may be able to access user-sensitive data.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":9e-05,"ranking_epss":0.00924,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125887"],"published_time":"2025-12-12T21:15:57","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43523","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Tahoe 26.2. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00024,"ranking_epss":0.06287,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125887"],"published_time":"2025-12-12T21:15:57","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43527","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Tahoe 26.2. An app may be able to gain root privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00019,"ranking_epss":0.04969,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125887"],"published_time":"2025-12-12T21:15:57","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43530","summary":"This issue was addressed with improved checks. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0002,"ranking_epss":0.05367,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125885","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125887","https://support.apple.com/en-us/125888"],"published_time":"2025-12-12T21:15:57","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43532","summary":"A memory corruption issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing malicious data may lead to unexpected app termination.","cvss":2.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":2.8,"cvss_v4":null,"epss":0.00026,"ranking_epss":0.07232,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125885","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125887","https://support.apple.com/en-us/125888","https://support.apple.com/en-us/125889","https://support.apple.com/en-us/125890","https://support.apple.com/en-us/125891"],"published_time":"2025-12-12T21:15:57","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43538","summary":"A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Sonoma 14.8.3, macOS Tahoe 26.2, visionOS 26.2, watchOS 26.2. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":9e-05,"ranking_epss":0.00856,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125885","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125888","https://support.apple.com/en-us/125890","https://support.apple.com/en-us/125891"],"published_time":"2025-12-12T21:15:57","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43539","summary":"The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing a file may lead to memory corruption.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00061,"ranking_epss":0.18882,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125885","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125887","https://support.apple.com/en-us/125888","https://support.apple.com/en-us/125889","https://support.apple.com/en-us/125890","https://support.apple.com/en-us/125891"],"published_time":"2025-12-12T21:15:57","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43542","summary":"This issue was addressed with improved state management. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.3, macOS Tahoe 26.2, visionOS 26.2. Password fields may be unintentionally revealed when remotely controlling a device over FaceTime.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.0004,"ranking_epss":0.12083,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125885","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125887","https://support.apple.com/en-us/125891"],"published_time":"2025-12-12T21:15:57","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46276","summary":"An information disclosure issue was addressed with improved privacy controls. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2, visionOS 26.2, watchOS 26.2. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0002,"ranking_epss":0.05388,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125885","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125887","https://support.apple.com/en-us/125888","https://support.apple.com/en-us/125890","https://support.apple.com/en-us/125891"],"published_time":"2025-12-12T21:15:57","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46285","summary":"An integer overflow was addressed by adopting 64-bit timestamps. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. An app may be able to gain root privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05595,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125885","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125887","https://support.apple.com/en-us/125888","https://support.apple.com/en-us/125889","https://support.apple.com/en-us/125890","https://support.apple.com/en-us/125891"],"published_time":"2025-12-12T21:15:57","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-46287","summary":"An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2, visionOS 26.2, watchOS 26.2. An attacker may be able to spoof their FaceTime caller ID.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00081,"ranking_epss":0.23845,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125885","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125887","https://support.apple.com/en-us/125888","https://support.apple.com/en-us/125890","https://support.apple.com/en-us/125891"],"published_time":"2025-12-12T21:15:57","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43512","summary":"A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to elevate privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0002,"ranking_epss":0.05379,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125885","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125887","https://support.apple.com/en-us/125888"],"published_time":"2025-12-12T21:15:56","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43513","summary":"A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to read sensitive location information.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0002,"ranking_epss":0.05158,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125887","https://support.apple.com/en-us/125888"],"published_time":"2025-12-12T21:15:56","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43516","summary":"A session management issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. A user with Voice Control enabled may be able to transcribe another user's activity.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00017,"ranking_epss":0.04,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125887","https://support.apple.com/en-us/125888"],"published_time":"2025-12-12T21:15:56","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43517","summary":"A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to access protected user data.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.04698,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125887","https://support.apple.com/en-us/125888"],"published_time":"2025-12-12T21:15:56","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43518","summary":"A logic issue was addressed with improved checks. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2, watchOS 26.2. An app may be able to inappropriately access files through the spellcheck API.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.0467,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125884","https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125887","https://support.apple.com/en-us/125888","https://support.apple.com/en-us/125890"],"published_time":"2025-12-12T21:15:56","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43519","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.12869,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125887","https://support.apple.com/en-us/125888"],"published_time":"2025-12-12T21:15:56","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43520","summary":"A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. A malicious application may be able to cause unexpected system termination or write kernel memory.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00273,"ranking_epss":0.50785,"kev":true,"propose_action":"Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain a classic buffer overflow vulnerability which could allow a malicious application to cause unexpected system termination or write kernel memory.","ransomware_campaign":"Unknown","references":["https://support.apple.com/en-us/125632","https://support.apple.com/en-us/125633","https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636","https://support.apple.com/en-us/125637","https://support.apple.com/en-us/125638","https://support.apple.com/en-us/125639","https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain/","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-43520"],"published_time":"2025-12-12T21:15:56","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43521","summary":"A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Tahoe 26.2. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.01037,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125887"],"published_time":"2025-12-12T21:15:56","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43470","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.1. A standard user may be able to view files made from a disk image belonging to an administrator.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00017,"ranking_epss":0.04141,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634"],"published_time":"2025-12-12T21:15:55","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43471","summary":"The issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02924,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634"],"published_time":"2025-12-12T21:15:55","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43473","summary":"This issue was addressed with improved state management. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02924,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634"],"published_time":"2025-12-12T21:15:55","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43482","summary":"The issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to cause a denial-of-service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08687,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125887","https://support.apple.com/en-us/125888"],"published_time":"2025-12-12T21:15:55","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43494","summary":"A mail header parsing issue was addressed with improved checks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, visionOS 26.1, watchOS 26.1. An attacker may be able to cause a persistent denial-of-service.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00144,"ranking_epss":0.34716,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125632","https://support.apple.com/en-us/125633","https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636","https://support.apple.com/en-us/125638","https://support.apple.com/en-us/125639"],"published_time":"2025-12-12T21:15:55","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43497","summary":"An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to break out of its sandbox.","cvss":5.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.2,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02086,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634"],"published_time":"2025-12-12T21:15:55","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43506","summary":"A logic error was addressed with improved error handling. This issue is fixed in macOS Tahoe 26.1. iCloud Private Relay may not activate when more than one user is logged in at the same time.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00038,"ranking_epss":0.11257,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634"],"published_time":"2025-12-12T21:15:55","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43509","summary":"This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00019,"ranking_epss":0.04807,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125887","https://support.apple.com/en-us/125888"],"published_time":"2025-12-12T21:15:55","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43510","summary":"A memory corruption issue was addressed with improved lock state checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. A malicious application may cause unexpected changes in memory shared between processes.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00511,"ranking_epss":0.66492,"kev":true,"propose_action":"Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain an improper locking vulnerability that could allow a malicious application to cause unexpected changes in memory shared between processes.","ransomware_campaign":"Unknown","references":["https://support.apple.com/en-us/125632","https://support.apple.com/en-us/125633","https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636","https://support.apple.com/en-us/125637","https://support.apple.com/en-us/125638","https://support.apple.com/en-us/125639","https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain/","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-43510"],"published_time":"2025-12-12T21:15:55","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43406","summary":"A logic issue was addressed with improved restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02816,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634"],"published_time":"2025-12-12T21:15:54","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43410","summary":"The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.2. An attacker with physical access may be able to view deleted notes.","cvss":2.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":2.4,"cvss_v4":null,"epss":0.00024,"ranking_epss":0.06414,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636","https://support.apple.com/en-us/125886"],"published_time":"2025-12-12T21:15:54","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43416","summary":"A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to access protected user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00041,"ranking_epss":0.12321,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125886","https://support.apple.com/en-us/125887","https://support.apple.com/en-us/125888"],"published_time":"2025-12-12T21:15:54","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43461","summary":"This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Tahoe 26.1. An app may be able to access protected user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.0466,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634"],"published_time":"2025-12-12T21:15:54","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43463","summary":"A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.1. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02349,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125887","https://support.apple.com/en-us/125888"],"published_time":"2025-12-12T21:15:54","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43464","summary":"A denial-of-service issue was addressed with improved input validation. This issue is fixed in macOS Tahoe 26.1. Visiting a website may lead to an app denial-of-service.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00068,"ranking_epss":0.20889,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634"],"published_time":"2025-12-12T21:15:54","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43465","summary":"A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00017,"ranking_epss":0.04245,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634"],"published_time":"2025-12-12T21:15:54","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43466","summary":"An injection issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.04684,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634"],"published_time":"2025-12-12T21:15:54","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43467","summary":"This issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.1. An app may be able to gain root privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03778,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634"],"published_time":"2025-12-12T21:15:54","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43320","summary":"The issue was addressed by adding additional logic. This issue is fixed in macOS Sequoia 15.7.3, macOS Tahoe 26. An app may be able to bypass launch constraint protections and execute malicious code with elevated privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00023,"ranking_epss":0.06212,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125887"],"published_time":"2025-12-12T21:15:53","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43351","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to access protected user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.01952,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634"],"published_time":"2025-12-12T21:15:53","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43381","summary":"This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Tahoe 26.1. A malicious app may be able to delete protected user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06648,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634"],"published_time":"2025-12-12T21:15:53","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43388","summary":"An injection issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00017,"ranking_epss":0.04295,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634"],"published_time":"2025-12-12T21:15:53","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43393","summary":"A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to break out of its sandbox.","cvss":5.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.2,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01667,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634"],"published_time":"2025-12-12T21:15:53","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43402","summary":"The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.1. An app may be able to cause unexpected system termination or corrupt process memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02941,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/126349","https://support.apple.com/en-us/126350"],"published_time":"2025-12-12T21:15:53","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43404","summary":"A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01667,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634"],"published_time":"2025-12-12T21:15:53","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-14373","summary":"Inappropriate implementation in Toolbar in Google Chrome on Android prior to 143.0.7499.110 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Medium)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.0005,"ranking_epss":0.15527,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/461532432"],"published_time":"2025-12-12T20:15:40","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-14174","summary":"Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.01047,"ranking_epss":0.77536,"kev":true,"propose_action":"Google Chromium contains an out of bounds memory access vulnerability in ANGLE that could allow a remote attacker to perform out of bounds memory access via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.","ransomware_campaign":"Unknown","references":["https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/466192044","https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-14174"],"published_time":"2025-12-12T20:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-14372","summary":"Use after free in Password Manager in Google Chrome prior to 143.0.7499.110 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)","cvss":6.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.1,"cvss_v4":null,"epss":0.00067,"ranking_epss":0.20622,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_10.html","https://issues.chromium.org/issues/460599518"],"published_time":"2025-12-12T20:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-12843","summary":"Code Injection using Electron Fuses in waveterm on MacOS allows TCC Bypass.\nThis issue affects waveterm: 0.12.2.","cvss":6.9,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":6.9,"epss":0.00034,"ranking_epss":0.09816,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://fluidattacks.com/advisories/minutos","https://github.com/wavetermdev/waveterm","https://fluidattacks.com/advisories/minutos"],"published_time":"2025-12-12T16:15:42","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-59803","summary":"Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via triggers. An attacker can embed triggers (e.g., JavaScript) in a PDF document that execute during the signing process. When a signer reviews the document, the content appears normal. However, once the signature is applied, the triggers modify content on other pages or optional content layers without explicit warning. This can cause the signed PDF to differ from what the signer saw, undermining the trustworthiness of the digital signature. The fixed versions are 2025.2.1, 14.0.1, and 13.2.1.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.04634,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://www.foxit.com/support/security-bulletins.html"],"published_time":"2025-12-11T16:16:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-59802","summary":"Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via OCG. When Optional Content Groups (OCG) are supported, the state property of an OCG is runtime-only and not included in the digital signature computation buffer. An attacker can leverage JavaScript or PDF triggers to dynamically change the visibility of OCG content after signing (Post-Sign), allowing the visual content of a signed PDF to be modified without invalidating the signature. This may result in a mismatch between the signed content and what the signer or verifier sees, undermining the trustworthiness of the digital signature. The fixed versions are 2025.2.1, 14.0.1, and 13.2.1.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00035,"ranking_epss":0.1018,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://www.foxit.com/support/security-bulletins.html"],"published_time":"2025-12-11T16:16:26","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-55309","summary":"An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can contain JavaScript that attaches an OnBlur action on a form field that destroys an annotation. During user right-click interaction, the program's internal focus change handling prematurely releases the annotation object, resulting in a use-after-free vulnerability that may cause memory corruption or application crashes.","cvss":6.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02684,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://www.foxit.com/support/security-bulletins.html"],"published_time":"2025-12-11T16:16:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-55310","summary":"An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. An attacker able to alter or replace the static HTML files used by the StartPage feature can cause the application to load malicious or compromised content upon startup. This may result in information disclosure, unauthorized data access, or other security impacts.","cvss":7.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.3,"cvss_v4":null,"epss":6e-05,"ranking_epss":0.00387,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://www.foxit.com/support/security-bulletins.html"],"published_time":"2025-12-11T16:16:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-55311","summary":"An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can use JavaScript to alter annotation content and subsequently clear the file's modification status via JavaScript interfaces. This circumvents digital signature verification by hiding document modifications, allowing an attacker to mislead users about the document's integrity and compromise the trustworthiness of signed PDFs.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02939,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://www.foxit.com/support/security-bulletins.html"],"published_time":"2025-12-11T16:16:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-55312","summary":"An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. When pages in a PDF are deleted via JavaScript, the application may fail to properly update internal states. Subsequent annotation management operations assume these states are valid, causing dereference of invalid or released memory. This can lead to memory corruption, application crashes, and potentially allow an attacker to execute arbitrary code.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02605,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://www.foxit.com/support/security-bulletins.html"],"published_time":"2025-12-11T16:16:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-55313","summary":"An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. They allow potential arbitrary code execution when processing crafted PDF files. The vulnerability stems from insufficient handling of memory allocation failures after assigning an extremely large value to a form field's charLimit property via JavaScript. This can result in memory corruption and may allow an attacker to execute arbitrary code by persuading a user to open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.04463,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://www.foxit.com/support/security-bulletins.html"],"published_time":"2025-12-11T16:16:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-64786","summary":"Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Improper Verification of Cryptographic Signature vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to gain limited unauthorized write access. Exploitation of this issue does not require user interaction.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08047,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/acrobat/apsb25-119.html"],"published_time":"2025-12-09T21:15:59","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-64787","summary":"Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Improper Verification of Cryptographic Signature vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to bypass cryptographic protections and gain limited unauthorized write access. Exploitation of this issue does not require user interaction.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08047,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/acrobat/apsb25-119.html"],"published_time":"2025-12-09T21:15:59","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-64896","summary":"Creative Cloud Desktop versions 6.4.0.361 and earlier are affected by a Creation of Temporary File in Directory with Incorrect Permissions vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to disrupt the application's functionality by manipulating temporary files. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00035,"ranking_epss":0.10246,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/creative-cloud/apsb25-120.html"],"published_time":"2025-12-09T21:15:59","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-64899","summary":"Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00048,"ranking_epss":0.14637,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/acrobat/apsb25-119.html"],"published_time":"2025-12-09T21:15:59","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-64785","summary":"Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute arbitrary code in the context of the current user. If the application uses a search path to locate critical resources such as programs, an attacker could modify that search path to point to a malicious program, which the targeted application would then execute. Exploitation of this issue does not require user interaction.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00056,"ranking_epss":0.17539,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/acrobat/apsb25-119.html"],"published_time":"2025-12-09T21:15:58","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-64783","summary":"DNG SDK versions 1.7.0 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00048,"ranking_epss":0.14637,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/dng-sdk/apsb25-118.html"],"published_time":"2025-12-09T18:16:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-64784","summary":"DNG SDK versions 1.7.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to memory exposure or application denial of service. An attacker could leverage this vulnerability to disclose sensitive memory information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00041,"ranking_epss":0.12289,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/dng-sdk/apsb25-118.html"],"published_time":"2025-12-09T18:16:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-64893","summary":"DNG SDK versions 1.7.0 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure or application denial of service. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00055,"ranking_epss":0.17325,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/dng-sdk/apsb25-118.html"],"published_time":"2025-12-09T18:16:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-64894","summary":"DNG SDK versions 1.7.0 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this issue to cause the application to crash or become unresponsive. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00034,"ranking_epss":0.09973,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/dng-sdk/apsb25-118.html"],"published_time":"2025-12-09T18:16:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-13992","summary":"Side-channel information leakage in Navigation and Loading in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to bypass site isolation via a crafted HTML page. (Chromium security severity: Medium)","cvss":4.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.7,"cvss_v4":null,"epss":0.00039,"ranking_epss":0.11522,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/40095391"],"published_time":"2025-12-03T19:15:55","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-55076","summary":"A local privilege escalation vulnerability exists in the InstallationHelper service included with Plugin Alliance Installation Manager v1.4.0 for macOS. The service accepts unauthenticated XPC connections and executes input via system(), which may allow a local user to execute arbitrary commands with root privileges.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06915,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://almightysec.com/plugin-alliance-helpertool-xpc-service-local-privilege-escalation/"],"published_time":"2025-12-03T17:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-62686","summary":"A local privilege escalation vulnerability exists in the Plugin Alliance InstallationHelper service included with Plugin Alliance Installation Manager v1.4.0 on macOS. Due to the absence of a hardened runtime and a __RESTRICT segment, a local user may exploit the DYLD_INSERT_LIBRARIES environment variable to inject a dynamic library, potentially resulting in code execution with elevated privileges.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00026,"ranking_epss":0.07257,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://almightysec.com/plugin-alliance-installationhelper-dylib-injection/"],"published_time":"2025-12-03T17:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-13634","summary":"Inappropriate implementation in Downloads in Google Chrome on Windows prior to 143.0.7499.41 allowed a local attacker to bypass mark of the web via a crafted HTML page. (Chromium security severity: Medium)","cvss":4.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.4,"cvss_v4":null,"epss":9e-05,"ranking_epss":0.00811,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/429140219"],"published_time":"2025-12-02T19:15:48","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-13635","summary":"Inappropriate implementation in Downloads in Google Chrome prior to 143.0.7499.41 allowed a local attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)","cvss":4.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.4,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.01115,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/405727341"],"published_time":"2025-12-02T19:15:48","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-13636","summary":"Inappropriate implementation in Split View in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted domain name. (Chromium security severity: Low)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00125,"ranking_epss":0.317,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/446181124"],"published_time":"2025-12-02T19:15:48","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-13637","summary":"Inappropriate implementation in Downloads in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass download protections via a crafted HTML page. (Chromium security severity: Low)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00036,"ranking_epss":0.10534,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/392375329"],"published_time":"2025-12-02T19:15:48","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-13638","summary":"Use after free in Media Stream in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00196,"ranking_epss":0.41522,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/448046109"],"published_time":"2025-12-02T19:15:48","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-13639","summary":"Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Low)","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00054,"ranking_epss":0.16765,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/448408148"],"published_time":"2025-12-02T19:15:48","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-13640","summary":"Inappropriate implementation in Passwords in Google Chrome prior to 143.0.7499.41 allowed a local attacker to bypass authentication via physical access to the device. (Chromium security severity: Low)","cvss":3.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.5,"cvss_v4":null,"epss":0.0002,"ranking_epss":0.0525,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/452071826"],"published_time":"2025-12-02T19:15:48","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-13720","summary":"Bad cast in Loader in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00146,"ranking_epss":0.3502,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/457818670"],"published_time":"2025-12-02T19:15:48","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-13721","summary":"Race in v8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00111,"ranking_epss":0.29552,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/355120682"],"published_time":"2025-12-02T19:15:48","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-13631","summary":"Inappropriate implementation in Google Updater in Google Chrome on Mac prior to 143.0.7499.41 allowed a remote attacker to perform privilege escalation via a crafted file. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00144,"ranking_epss":0.34703,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/448113221"],"published_time":"2025-12-02T19:15:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-13632","summary":"Inappropriate implementation in DevTools in Google Chrome prior to 143.0.7499.41 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. (Chromium security severity: High)","cvss":5.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.4,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08752,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/439058242"],"published_time":"2025-12-02T19:15:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-13633","summary":"Use after free in Digital Credentials in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00196,"ranking_epss":0.41522,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/458082926"],"published_time":"2025-12-02T19:15:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-13630","summary":"Type Confusion in V8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00146,"ranking_epss":0.3502,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/456547591"],"published_time":"2025-12-02T19:15:46","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-11933","summary":"Improper Input Validation in the TLS 1.3 CKS extension parsing in wolfSSL 5.8.2 and earlier on multiple platforms allows a remote unauthenticated attacker to potentially cause a denial-of-service via a crafted ClientHello message with duplicate CKS extensions.","cvss":2.3,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":2.3,"epss":0.00056,"ranking_epss":0.17499,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/wolfSSL/wolfssl","https://github.com/wolfSSL/wolfssl/pull/9132"],"published_time":"2025-11-21T23:15:44","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-11934","summary":"Improper input validation in the TLS 1.3 CertificateVerify signature algorithm negotiation in wolfSSL 5.8.2 and earlier on multiple platforms allows for downgrading the signature algorithm used. For example when a client sends ECDSA P521 as the supported signature algorithm the server previously could respond as ECDSA P256 being the accepted signature algorithm and the connection would continue with using ECDSA P256, if the client supports ECDSA P256.","cvss":2.1,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":2.7,"cvss_v4":2.1,"epss":0.00015,"ranking_epss":0.03043,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/wolfSSL/wolfssl","https://github.com/wolfSSL/wolfssl/pull/9113","https://github.com/wolfSSL/wolfssl/pull/9113"],"published_time":"2025-11-21T23:15:44","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-31248","summary":"A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.5, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00023,"ranking_epss":0.06073,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/122069","https://support.apple.com/en-us/122070","https://support.apple.com/en-us/122716"],"published_time":"2025-11-21T22:16:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-31266","summary":"A spoofing issue was addressed with improved truncation when displaying the fully qualified domain name. This issue is fixed in Safari 18.5, macOS Sequoia 15.5. A website may be able to spoof the domain name in the title of a pop-up window.","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07396,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/122716","https://support.apple.com/en-us/122719"],"published_time":"2025-11-21T22:16:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43374","summary":"An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.7, macOS Sequoia 15.5, macOS Sonoma 14.7.3, macOS Ventura 13.7.3, tvOS 18.5, visionOS 2.5, watchOS 11.5. An attacker in physical proximity may be able to cause an out-of-bounds read in kernel memory.","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.13177,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/122069","https://support.apple.com/en-us/122070","https://support.apple.com/en-us/122404","https://support.apple.com/en-us/122405","https://support.apple.com/en-us/122716","https://support.apple.com/en-us/122720","https://support.apple.com/en-us/122721","https://support.apple.com/en-us/122722"],"published_time":"2025-11-21T22:16:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-11935","summary":"With TLS 1.3 pre-shared key (PSK) a malicious or faulty server could ignore the request for PFS (perfect forward secrecy) and the client would continue on with the connection using PSK without PFS. This happened when a server responded to a ClientHello containing psk_dhe_ke without a key_share extension. The re-use of an authenticated PSK connection that on the clients side unexpectedly did not have PFS, reduces the security of the connection.","cvss":6.3,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":6.3,"epss":0.00011,"ranking_epss":0.01407,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/wolfSSL/wolfssl","https://github.com/wolfSSL/wolfssl/pull/9112"],"published_time":"2025-11-21T22:16:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-13229","summary":"Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00073,"ranking_epss":0.2219,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html","https://issues.chromium.org/issues/446113731"],"published_time":"2025-11-18T00:15:48","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-13230","summary":"Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00096,"ranking_epss":0.26534,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html","https://issues.chromium.org/issues/446124892"],"published_time":"2025-11-18T00:15:48","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-13226","summary":"Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00096,"ranking_epss":0.26534,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html","https://issues.chromium.org/issues/446113732"],"published_time":"2025-11-18T00:15:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-13227","summary":"Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00073,"ranking_epss":0.2219,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html","https://issues.chromium.org/issues/446122633"],"published_time":"2025-11-18T00:15:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-13228","summary":"Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00073,"ranking_epss":0.2219,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html","https://issues.chromium.org/issues/446124893"],"published_time":"2025-11-18T00:15:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-13224","summary":"Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00066,"ranking_epss":0.20485,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop_17.html","https://issues.chromium.org/issues/450328966"],"published_time":"2025-11-17T23:15:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-13223","summary":"Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.02804,"ranking_epss":0.86144,"kev":true,"propose_action":"Google Chromium V8 contains a type confusion vulnerability that allows for heap corruption.","ransomware_campaign":"Unknown","references":["https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop_17.html","https://issues.chromium.org/issues/460017370","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-13223"],"published_time":"2025-11-17T23:15:45","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-9479","summary":"Out of bounds read in V8 in Google Chrome prior to 133.0.6943.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00073,"ranking_epss":0.22139,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_25.html","https://issues.chromium.org/issues/390743124"],"published_time":"2025-11-14T03:15:57","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-13097","summary":"Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)","cvss":5.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.4,"cvss_v4":null,"epss":0.0003,"ranking_epss":0.08314,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_29.html","https://issues.chromium.org/issues/402791076"],"published_time":"2025-11-14T03:15:56","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-13107","summary":"Inappropriate implementation in Compositing in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00074,"ranking_epss":0.22399,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/429440615"],"published_time":"2025-11-14T03:15:56","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-11920","summary":"Inappropriate implementation in Dawn in Google Chrome on Mac prior to 130.0.6723.92 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00055,"ranking_epss":0.17257,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_29.html","https://issues.chromium.org/issues/371840056"],"published_time":"2025-11-14T03:15:55","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-13178","summary":"Inappropriate implementation in Fullscreen in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00074,"ranking_epss":0.22399,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html","https://issues.chromium.org/issues/40068607"],"published_time":"2025-11-14T03:15:55","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-7017","summary":"Inappropriate implementation in DevTools in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00079,"ranking_epss":0.23397,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/338248595"],"published_time":"2025-11-14T03:15:55","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-13042","summary":"Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.166 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00095,"ranking_epss":0.26284,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop_11.html","https://issues.chromium.org/issues/457351015"],"published_time":"2025-11-12T17:15:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-64531","summary":"Substance3D - Stager versions 3.1.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00028,"ranking_epss":0.07735,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/substance3d_stager/apsb25-113.html"],"published_time":"2025-11-11T21:15:40","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-61833","summary":"Substance3D - Stager versions 3.1.5 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05627,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/substance3d_stager/apsb25-113.html"],"published_time":"2025-11-11T21:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-61834","summary":"Substance3D - Stager versions 3.1.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00028,"ranking_epss":0.07735,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/substance3d_stager/apsb25-113.html"],"published_time":"2025-11-11T21:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-61835","summary":"Substance3D - Stager versions 3.1.5 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05627,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/substance3d_stager/apsb25-113.html"],"published_time":"2025-11-11T21:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-61831","summary":"Illustrator versions 28.7.10, 29.8.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05627,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/illustrator/apsb25-109.html"],"published_time":"2025-11-11T18:15:42","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-61819","summary":"Photoshop Desktop versions 26.8.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05627,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/photoshop/apsb25-108.html"],"published_time":"2025-11-11T18:15:41","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-61820","summary":"Illustrator versions 28.7.10, 29.8.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05627,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/illustrator/apsb25-109.html"],"published_time":"2025-11-11T18:15:41","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-61815","summary":"InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00028,"ranking_epss":0.07735,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb25-106.html"],"published_time":"2025-11-11T17:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-61816","summary":"InCopy versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05627,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/incopy/apsb25-107.html"],"published_time":"2025-11-11T17:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-61817","summary":"InCopy versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00028,"ranking_epss":0.07735,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/incopy/apsb25-107.html"],"published_time":"2025-11-11T17:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-61818","summary":"InCopy versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00028,"ranking_epss":0.07735,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/incopy/apsb25-107.html"],"published_time":"2025-11-11T17:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-61824","summary":"InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05627,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb25-106.html"],"published_time":"2025-11-11T17:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-61832","summary":"InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05627,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb25-106.html"],"published_time":"2025-11-11T17:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-61814","summary":"InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00028,"ranking_epss":0.07735,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb25-106.html"],"published_time":"2025-11-11T17:15:51","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-12443","summary":"Out of bounds read in WebXR in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05562,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html","https://issues.chromium.org/issues/452071845"],"published_time":"2025-11-10T20:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-12444","summary":"Incorrect security UI in Fullscreen UI in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)","cvss":4.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.2,"cvss_v4":null,"epss":0.00054,"ranking_epss":0.16866,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html","https://issues.chromium.org/issues/390571618"],"published_time":"2025-11-10T20:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-12445","summary":"Policy bypass in Extensions in Google Chrome prior to 142.0.7444.59 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Low)","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.03081,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html","https://issues.chromium.org/issues/428397712"],"published_time":"2025-11-10T20:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-12446","summary":"Incorrect security UI in SplitView in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted domain name. (Chromium security severity: Low)","cvss":4.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.2,"cvss_v4":null,"epss":0.00055,"ranking_epss":0.17115,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html","https://issues.chromium.org/issues/444932667"],"published_time":"2025-11-10T20:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-12725","summary":"Out of bounds read in WebGPU in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00087,"ranking_epss":0.24979,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/443906252"],"published_time":"2025-11-10T20:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-12727","summary":"Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00095,"ranking_epss":0.26284,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/454485895"],"published_time":"2025-11-10T20:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-12728","summary":"Inappropriate implementation in Omnibox in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)","cvss":4.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.2,"cvss_v4":null,"epss":0.00055,"ranking_epss":0.17115,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/452392032"],"published_time":"2025-11-10T20:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-12436","summary":"Policy bypass in Extensions in Google Chrome prior to 142.0.7444.59 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. (Chromium security severity: Medium)","cvss":5.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.9,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.0233,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html","https://issues.chromium.org/issues/40054742"],"published_time":"2025-11-10T20:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-12437","summary":"Use after free in PageInfo in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00089,"ranking_epss":0.25225,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html","https://issues.chromium.org/issues/446294487"],"published_time":"2025-11-10T20:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-12440","summary":"Inappropriate implementation in Autofill in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Low)","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06897,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html","https://issues.chromium.org/issues/430555440"],"published_time":"2025-11-10T20:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-12441","summary":"Out of bounds read in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00022,"ranking_epss":0.06021,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html","https://issues.chromium.org/issues/444049512"],"published_time":"2025-11-10T20:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-12430","summary":"Object lifecycle issue in Media in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High)","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00037,"ranking_epss":0.11012,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html","https://issues.chromium.org/issues/442860743"],"published_time":"2025-11-10T20:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-12431","summary":"Inappropriate implementation in Extensions in Google Chrome prior to 142.0.7444.59 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: High)","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00017,"ranking_epss":0.04171,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html","https://issues.chromium.org/issues/436887350"],"published_time":"2025-11-10T20:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-12432","summary":"Race in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00051,"ranking_epss":0.15567,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html","https://issues.chromium.org/issues/439522866"],"published_time":"2025-11-10T20:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-12433","summary":"Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03506,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html","https://issues.chromium.org/issues/449760249"],"published_time":"2025-11-10T20:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-12429","summary":"Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.0004,"ranking_epss":0.12092,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html","https://issues.chromium.org/issues/450618029"],"published_time":"2025-11-10T20:15:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-12428","summary":"Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00054,"ranking_epss":0.16842,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html","https://issues.chromium.org/issues/447613211"],"published_time":"2025-11-10T20:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-11458","summary":"Heap buffer overflow in Sync in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.13099,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/443196747"],"published_time":"2025-11-06T23:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-11460","summary":"Use after free in Storage in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to execute arbitrary code via a crafted video file. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00097,"ranking_epss":0.26656,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/446722008"],"published_time":"2025-11-06T23:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-11756","summary":"Use after free in Safe Browsing in Google Chrome prior to 141.0.7390.107 allowed a remote attacker who had compromised the renderer process to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.001,"ranking_epss":0.27649,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_14.html","https://issues.chromium.org/issues/447192722"],"published_time":"2025-11-06T23:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-12036","summary":"Out of bounds memory access in V8 in Google Chrome prior to 141.0.7390.122 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00074,"ranking_epss":0.22334,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_21.html","https://issues.chromium.org/issues/452296415"],"published_time":"2025-11-06T23:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-11211","summary":"Out of bounds read in Media in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00038,"ranking_epss":0.11203,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html","https://issues.chromium.org/issues/441917796"],"published_time":"2025-11-06T22:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-11215","summary":"Off by one error in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00038,"ranking_epss":0.11429,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html","https://issues.chromium.org/issues/439758498"],"published_time":"2025-11-06T22:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-11216","summary":"Inappropriate implementation in Storage in Google Chrome on Mac prior to 141.0.7390.54 allowed a remote attacker to perform domain spoofing via a crafted video file. (Chromium security severity: Low)","cvss":6.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.3,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08185,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html","https://issues.chromium.org/issues/419721056"],"published_time":"2025-11-06T22:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-11219","summary":"Use after free in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Low)","cvss":3.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.1,"cvss_v4":null,"epss":0.00034,"ranking_epss":0.09977,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html","https://issues.chromium.org/issues/439772737"],"published_time":"2025-11-06T22:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-11205","summary":"Heap buffer overflow in WebGPU in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00095,"ranking_epss":0.26277,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html","https://issues.chromium.org/issues/442444724"],"published_time":"2025-11-06T22:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-11206","summary":"Heap buffer overflow in Video in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00095,"ranking_epss":0.26276,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html","https://issues.chromium.org/issues/444755026"],"published_time":"2025-11-06T22:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-11207","summary":"Side-channel information leakage in Storage in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Medium)","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00051,"ranking_epss":0.15849,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html","https://issues.chromium.org/issues/428189824"],"published_time":"2025-11-06T22:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-11208","summary":"Inappropriate implementation in Media in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)","cvss":6.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.3,"cvss_v4":null,"epss":0.00047,"ranking_epss":0.14212,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html","https://issues.chromium.org/issues/397878997"],"published_time":"2025-11-06T22:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-11210","summary":"Side-channel information leakage in Tab in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)","cvss":5.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.4,"cvss_v4":null,"epss":0.00022,"ranking_epss":0.05776,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html","https://issues.chromium.org/issues/440523110"],"published_time":"2025-11-06T22:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-43000","summary":"A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6, Safari 16.6, iOS 15.8.7 and iPadOS 15.8.7. Processing maliciously crafted web content may lead to memory corruption.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.0006,"ranking_epss":0.18675,"kev":true,"propose_action":"Apple macOS, iOS, iPadOS, and Safari 16.6 contain a use-after-free vulnerability due to the processing of maliciously crafted web content that may lead to memory corruption.","ransomware_campaign":"Unknown","references":["https://support.apple.com/en-us/120324","https://support.apple.com/en-us/120331","https://support.apple.com/en-us/120338","https://support.apple.com/en-us/126632","https://cloud.google.com/blog/topics/threat-intelligence/coruna-powerful-ios-exploit-kit","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-43000"],"published_time":"2025-11-05T19:15:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43476","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to break out of its sandbox.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01628,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43477","summary":"A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.01052,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43478","summary":"A use after free issue was addressed with improved memory management. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to cause unexpected system termination.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02478,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43479","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00011,"ranking_epss":0.01356,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43481","summary":"This issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1. An app may be able to break out of its sandbox.","cvss":5.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.2,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02912,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635"],"published_time":"2025-11-04T02:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43496","summary":"The issue was addressed by adding additional logic. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Tahoe 26.1, visionOS 26.1, watchOS 26.1. Remote content may be loaded even when the 'Load Remote Images' setting is turned off.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00064,"ranking_epss":0.19876,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125632","https://support.apple.com/en-us/125633","https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125638","https://support.apple.com/en-us/125639"],"published_time":"2025-11-04T02:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43498","summary":"An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, visionOS 26.1. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01778,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125632","https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636","https://support.apple.com/en-us/125638"],"published_time":"2025-11-04T02:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43499","summary":"This issue was addressed with additional entitlement checks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02601,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125633","https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43468","summary":"A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":8e-05,"ranking_epss":0.00746,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:51","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43469","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01545,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:51","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43472","summary":"A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to gain root privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05608,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:51","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43474","summary":"An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to cause unexpected system termination or read kernel memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02505,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:51","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43445","summary":"An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00047,"ranking_epss":0.14202,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125632","https://support.apple.com/en-us/125633","https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636","https://support.apple.com/en-us/125637","https://support.apple.com/en-us/125638","https://support.apple.com/en-us/125639"],"published_time":"2025-11-04T02:15:50","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43446","summary":"This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to modify protected parts of the file system.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00026,"ranking_epss":0.07337,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:50","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43448","summary":"This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. An app may be able to break out of its sandbox.","cvss":6.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.3,"cvss_v4":null,"epss":0.00028,"ranking_epss":0.07713,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125632","https://support.apple.com/en-us/125633","https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636","https://support.apple.com/en-us/125637","https://support.apple.com/en-us/125638","https://support.apple.com/en-us/125639"],"published_time":"2025-11-04T02:15:50","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43423","summary":"A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Tahoe 26.1, visionOS 26.1. An attacker with physical access to an unlocked device paired with a Mac may be able to view sensitive user information in system logging.","cvss":2.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":2.0,"cvss_v4":null,"epss":0.00017,"ranking_epss":0.03868,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125632","https://support.apple.com/en-us/125633","https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125638"],"published_time":"2025-11-04T02:15:48","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43405","summary":"A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access user-sensitive data.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00044,"ranking_epss":0.13488,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43407","summary":"This issue was addressed with improved entitlements. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1. An app may be able to break out of its sandbox.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02412,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125632","https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636","https://support.apple.com/en-us/125637","https://support.apple.com/en-us/125638"],"published_time":"2025-11-04T02:15:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43408","summary":"This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An attacker with physical access may be able to access contacts from the lock screen.","cvss":2.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":2.4,"cvss_v4":null,"epss":0.00017,"ranking_epss":0.03916,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43409","summary":"A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03379,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635"],"published_time":"2025-11-04T02:15:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43411","summary":"This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access user-sensitive data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00011,"ranking_epss":0.01401,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43412","summary":"A file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to break out of its sandbox.","cvss":6.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.3,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02087,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43413","summary":"An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. A sandboxed app may be able to observe system-wide network connections.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00053,"ranking_epss":0.16577,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125632","https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636","https://support.apple.com/en-us/125637","https://support.apple.com/en-us/125638","https://support.apple.com/en-us/125639"],"published_time":"2025-11-04T02:15:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43414","summary":"A permissions issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. A shortcut may be able to access files that are normally inaccessible to the Shortcuts app.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.0308,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43420","summary":"A race condition was addressed with improved state handling. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access sensitive user data.","cvss":4.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.7,"cvss_v4":null,"epss":8e-05,"ranking_epss":0.00642,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:47","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43394","summary":"This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access protected user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":9e-05,"ranking_epss":0.00849,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:46","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43395","summary":"This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access protected user data.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03457,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:46","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43396","summary":"A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. A sandboxed app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01548,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:46","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43397","summary":"A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to cause a denial-of-service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01606,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:46","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43398","summary":"The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. An app may be able to cause unexpected system termination.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0002,"ranking_epss":0.05308,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125632","https://support.apple.com/en-us/125633","https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636","https://support.apple.com/en-us/125637","https://support.apple.com/en-us/125638","https://support.apple.com/en-us/125639"],"published_time":"2025-11-04T02:15:46","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43399","summary":"This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, macOS Sequoia 15.7.2, macOS Tahoe 26.1. An app may be able to access protected user data.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00039,"ranking_epss":0.11765,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125633","https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635"],"published_time":"2025-11-04T02:15:46","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43401","summary":"A denial-of-service issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. A remote attacker may be able to cause a denial-of-service.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00128,"ranking_epss":0.32239,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:46","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43379","summary":"This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. An app may be able to access protected user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00023,"ranking_epss":0.06043,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125632","https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636","https://support.apple.com/en-us/125637","https://support.apple.com/en-us/125638","https://support.apple.com/en-us/125639"],"published_time":"2025-11-04T02:15:45","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43380","summary":"An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. Parsing a file may lead to an unexpected app termination.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02478,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:45","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43382","summary":"A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0002,"ranking_epss":0.05194,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:45","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43383","summary":"An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00049,"ranking_epss":0.14943,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125632","https://support.apple.com/en-us/125633","https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125637","https://support.apple.com/en-us/125638"],"published_time":"2025-11-04T02:15:45","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43384","summary":"An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00049,"ranking_epss":0.14943,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125632","https://support.apple.com/en-us/125633","https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125637","https://support.apple.com/en-us/125638"],"published_time":"2025-11-04T02:15:45","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43385","summary":"An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00049,"ranking_epss":0.14943,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125632","https://support.apple.com/en-us/125633","https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125637","https://support.apple.com/en-us/125638"],"published_time":"2025-11-04T02:15:45","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43387","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1. A malicious app may be able to gain root privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03523,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635"],"published_time":"2025-11-04T02:15:45","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43389","summary":"A privacy issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, visionOS 26.1. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00019,"ranking_epss":0.04963,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125632","https://support.apple.com/en-us/125633","https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636","https://support.apple.com/en-us/125638"],"published_time":"2025-11-04T02:15:45","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43390","summary":"A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1. An app may be able to access user-sensitive data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":7e-05,"ranking_epss":0.00568,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635"],"published_time":"2025-11-04T02:15:45","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43391","summary":"A privacy issue was addressed with improved handling of temporary files. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01472,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125632","https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:45","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43373","summary":"The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to cause unexpected system termination or corrupt kernel memory.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00038,"ranking_epss":0.11333,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:44","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43377","summary":"An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, macOS Sequoia 15.7.2, macOS Tahoe 26.1. An app may be able to cause a denial-of-service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00017,"ranking_epss":0.03883,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125633","https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635"],"published_time":"2025-11-04T02:15:44","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43378","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02945,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635"],"published_time":"2025-11-04T02:15:44","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43361","summary":"An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 26 and iPadOS 26, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. A malicious app may be able to read kernel memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00017,"ranking_epss":0.0405,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125108","https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125114","https://support.apple.com/en-us/125115","https://support.apple.com/en-us/125116","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:43","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43364","summary":"A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26.1. An app may be able to break out of its sandbox.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":8e-05,"ranking_epss":0.00766,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","https://support.apple.com/en-us/125634"],"published_time":"2025-11-04T02:15:43","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43345","summary":"A correctness issue was addressed with improved checks. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01665,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125108","https://support.apple.com/en-us/125109","https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","https://support.apple.com/en-us/125114","https://support.apple.com/en-us/125115","https://support.apple.com/en-us/125116"],"published_time":"2025-11-04T02:15:41","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43348","summary":"A logic issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may bypass Gatekeeper checks.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":6e-05,"ranking_epss":0.00403,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:41","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43334","summary":"This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access user-sensitive data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0001,"ranking_epss":0.01052,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:40","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43335","summary":"The issue was addressed by adding additional logic. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access user-sensitive data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01548,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:40","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43336","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app with root privileges may be able to access private information.","cvss":4.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.4,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.0171,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:40","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43338","summary":"An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 26 and iPadOS 26, macOS Sonoma 14.8.2, macOS Sonoma 14.8.4, macOS Tahoe 26. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05515,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125108","https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125636","https://support.apple.com/en-us/126350"],"published_time":"2025-11-04T02:15:40","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43322","summary":"A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access user-sensitive data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01548,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125634","https://support.apple.com/en-us/125635","https://support.apple.com/en-us/125636"],"published_time":"2025-11-04T02:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43288","summary":"This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.7, macOS Tahoe 26. An app may be able to bypass Privacy preferences.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03378,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111"],"published_time":"2025-11-04T02:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54658","summary":"An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiDLP Agent's Outlookproxy plugin for MacOS 11.5.1 and 11.4.2 through 11.4.6 and 11.3.2 through 11.3.4 and 11.2.0 through 11.2.3 and 11.1.1 through 11.1.2 and 11.0.1 and 10.5.1 and 10.4.0, and 10.3.1 may allow an authenticated attacker to escalate their privilege to Root via sending a crafted request to a local listening port.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.13072,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://fortiguard.fortinet.com/psirt/FG-IR-25-628"],"published_time":"2025-10-16T14:15:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-53950","summary":"An Exposure of Private Personal Information ('Privacy Violation') vulnerability [CWE-359] in Fortinet FortiDLP Agent's Outlookproxy plugin for MacOS and Windows 11.5.1 and 11.4.2 through 11.4.6 and 11.3.2 through 11.3.4 and 11.2.0 through 11.2.3 and 11.1.1. through 11.1.2 and 11.0.1 and 10.5.1 and 10.4.0, and 10.3.1 may allow an authenticated administrator to collect current user's email information.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02278,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://fortiguard.fortinet.com/psirt/FG-IR-25-639"],"published_time":"2025-10-16T14:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43281","summary":"The issue was addressed with improved authentication. This issue is fixed in macOS Sequoia 15.6. A local attacker may be able to elevate their privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02506,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149"],"published_time":"2025-10-15T20:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43282","summary":"A double free issue was addressed with improved memory management. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6. An app may be able to cause unexpected system termination.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02467,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124147","https://support.apple.com/en-us/124148","https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","https://support.apple.com/en-us/124153","https://support.apple.com/en-us/124154","https://support.apple.com/en-us/124155"],"published_time":"2025-10-15T20:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43313","summary":"A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01548,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151"],"published_time":"2025-10-15T20:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54271","summary":"Creative Cloud Desktop versions 6.7.0.278 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could lead to arbitrary file system write. A low-privileged attacker could exploit the timing between the check and use of a resource, potentially allowing unauthorized modifications to files. Exploitation of this issue does not require user interaction.","cvss":5.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.6,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02317,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/creative-cloud/apsb25-95.html"],"published_time":"2025-10-15T17:15:59","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54268","summary":"Bridge versions 14.1.8, 15.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07585,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/bridge/apsb25-96.html"],"published_time":"2025-10-15T02:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54278","summary":"Bridge versions 14.1.8, 15.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00022,"ranking_epss":0.05916,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/bridge/apsb25-96.html"],"published_time":"2025-10-15T02:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54269","summary":"Animate versions 23.0.13, 24.0.10 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00022,"ranking_epss":0.05916,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/animate/apsb25-97.html"],"published_time":"2025-10-15T01:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54270","summary":"Animate versions 23.0.13, 24.0.10 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive memory information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00022,"ranking_epss":0.05916,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/animate/apsb25-97.html"],"published_time":"2025-10-15T01:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54279","summary":"Animate versions 23.0.13, 24.0.10 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00036,"ranking_epss":0.10539,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/animate/apsb25-97.html"],"published_time":"2025-10-15T01:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-61804","summary":"Animate versions 23.0.13, 24.0.10 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07585,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/animate/apsb25-97.html"],"published_time":"2025-10-15T01:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54196","summary":"Adobe Connect versions 12.9 and earlier are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. An attacker could leverage this vulnerability to redirect users to malicious websites.  Exploitation of this issue requires user interaction in that a victim must click on a crafted link.","cvss":3.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.1,"cvss_v4":null,"epss":0.0004,"ranking_epss":0.12101,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/connect/apsb25-70.html"],"published_time":"2025-10-14T22:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-49552","summary":"Adobe Connect versions 12.9 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by a high-privileged attacker to execute malicious scripts in a victim's browser. Exploitation of this issue requires user interaction in that a victim must navigate to a crafted web page. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. Scope is changed.","cvss":7.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.3,"cvss_v4":null,"epss":0.00078,"ranking_epss":0.23313,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/connect/apsb25-70.html"],"published_time":"2025-10-14T22:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-49553","summary":"Adobe Connect versions 12.9 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute malicious scripts in a victim's browser. Exploitation of this issue requires user interaction in that a victim must navigate to a crafted web page. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact as high. Scope is changed.","cvss":9.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.3,"cvss_v4":null,"epss":0.00085,"ranking_epss":0.24615,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/connect/apsb25-70.html"],"published_time":"2025-10-14T22:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-61805","summary":"Substance3D - Stager versions 3.1.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07585,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/substance3d_stager/apsb25-104.html"],"published_time":"2025-10-14T20:15:53","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-61806","summary":"Substance3D - Stager versions 3.1.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07585,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/substance3d_stager/apsb25-104.html"],"published_time":"2025-10-14T20:15:53","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-61807","summary":"Substance3D - Stager versions 3.1.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07585,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/substance3d_stager/apsb25-104.html"],"published_time":"2025-10-14T20:15:53","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-61799","summary":"Dimension versions 4.1.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07585,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/dimension/apsb25-103.html"],"published_time":"2025-10-14T20:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-61800","summary":"Dimension versions 4.1.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07585,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/dimension/apsb25-103.html"],"published_time":"2025-10-14T20:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-61801","summary":"Dimension versions 4.1.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00036,"ranking_epss":0.10539,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/dimension/apsb25-103.html"],"published_time":"2025-10-14T20:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-61802","summary":"Substance3D - Stager versions 3.1.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00036,"ranking_epss":0.10539,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/substance3d_stager/apsb25-104.html"],"published_time":"2025-10-14T20:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-61803","summary":"Substance3D - Stager versions 3.1.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07585,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/substance3d_stager/apsb25-104.html"],"published_time":"2025-10-14T20:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-61798","summary":"Dimension versions 4.1.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07585,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/dimension/apsb25-103.html"],"published_time":"2025-10-14T20:15:51","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54283","summary":"Illustrator versions 29.7, 28.7.9 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07585,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/illustrator/apsb25-102.html"],"published_time":"2025-10-14T20:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54284","summary":"Illustrator versions 29.7, 28.7.9 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07585,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/illustrator/apsb25-102.html"],"published_time":"2025-10-14T20:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-55248","summary":"Inadequate encryption strength in .NET, .NET Framework, Visual Studio allows an authorized attacker to disclose information over a network.","cvss":4.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.8,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08003,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55248"],"published_time":"2025-10-14T17:15:44","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-27906","summary":"IBM Content Navigator 3.0.11, 3.0.15, 3.1.0, and 3.2.0 could expose the directory listing of the application upon using an application URL. Application files and folders are visible in the browser to a user; however, the contents of the files cannot be read obtained or modified.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08643,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://www.ibm.com/support/pages/node/7247854"],"published_time":"2025-10-14T15:16:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43296","summary":"A logic issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26. An app may bypass Gatekeeper checks.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":4e-05,"ranking_epss":0.00202,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110"],"published_time":"2025-10-09T21:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-10751","summary":"MacForge contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root.This issue affects MacForge: 1.2.0 Beta 1.","cvss":8.5,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":8.5,"epss":0.00017,"ranking_epss":0.03889,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://fluidattacks.com/advisories/m83","https://github.com/MacEnhance/MacForge","https://www.macenhance.com/macforge","https://fluidattacks.com/advisories/m83"],"published_time":"2025-10-04T01:15:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-59489","summary":"Unity Runtime before 2025-10-02 on Android, Windows, macOS, and Linux allows argument injection that can result in loading of library code from an unintended location. If an application was built with a version of Unity Editor that had the vulnerable Unity Runtime code, then an adversary may be able to execute code on, and exfiltrate confidential information from, the machine on which that application is running. NOTE: product status is provided for Unity Editor because that is the information available from the Supplier. However, updating Unity Editor typically does not address the effects of the vulnerability; instead, it is necessary to rebuild and redeploy all affected applications.","cvss":7.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.4,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02929,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://flatt.tech/research/posts/arbitrary-code-execution-in-unity-runtime/","https://unity.com/security#security-updates-and-patches","https://unity.com/security/sept-2025-01"],"published_time":"2025-10-03T14:15:45","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43400","summary":"An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.1 and iPadOS 18.7.1, iOS 26.0.1 and iPadOS 26.0.1, macOS Sequoia 15.7.1, macOS Sonoma 14.8.1, macOS Tahoe 26.0.1, tvOS 26.1, visionOS 26.0.1, watchOS 26.1. Processing a maliciously crafted font may lead to unexpected app termination or corrupt process memory.","cvss":6.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.3,"cvss_v4":null,"epss":0.00149,"ranking_epss":0.35402,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125326","https://support.apple.com/en-us/125327","https://support.apple.com/en-us/125328","https://support.apple.com/en-us/125329","https://support.apple.com/en-us/125330","https://support.apple.com/en-us/125338","https://support.apple.com/en-us/125637","https://support.apple.com/en-us/125639","http://seclists.org/fulldisclosure/2025/Sep/73","http://seclists.org/fulldisclosure/2025/Sep/76","http://seclists.org/fulldisclosure/2025/Sep/78"],"published_time":"2025-09-29T18:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-10501","summary":"Use after free in WebRTC in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00141,"ranking_epss":0.34256,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html","https://issues.chromium.org/issues/440737137"],"published_time":"2025-09-24T17:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-10502","summary":"Heap buffer overflow in ANGLE in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00103,"ranking_epss":0.28143,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html","https://issues.chromium.org/issues/438038775"],"published_time":"2025-09-24T17:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-10585","summary":"Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.007,"ranking_epss":0.72038,"kev":true,"propose_action":"Google Chromium contains a type confusion vulnerability in the V8 JavaScript and WebAssembly engine.","ransomware_campaign":"Unknown","references":["https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html","https://issues.chromium.org/issues/445380761","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-10585"],"published_time":"2025-09-24T17:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-10890","summary":"Side-channel information leakage in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)","cvss":9.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.1,"cvss_v4":null,"epss":0.00053,"ranking_epss":0.16641,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_23.html","https://issues.chromium.org/issues/430336833"],"published_time":"2025-09-24T17:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-10891","summary":"Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00112,"ranking_epss":0.29729,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_23.html","https://issues.chromium.org/issues/443765373"],"published_time":"2025-09-24T17:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-10892","summary":"Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00112,"ranking_epss":0.29729,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_23.html","https://issues.chromium.org/issues/444048019"],"published_time":"2025-09-24T17:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-10500","summary":"Use after free in Dawn in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00153,"ranking_epss":0.35983,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html","https://issues.chromium.org/issues/435875050"],"published_time":"2025-09-24T17:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-34189","summary":"Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 1.0.735 and Application versions prior to 20.0.1330 (macOS/Linux client deployments) contain a vulnerability in the local inter-process communication (IPC) mechanism. The software stores IPC request and response files inside /opt/PrinterInstallerClient/tmp with world-readable and world-writable permissions. Any local user can craft malicious request files that are processed by privileged daemons, leading to unauthorized actions being executed in other user sessions. This breaks user session isolation, potentially allowing local attackers to hijack sessions, perform unintended actions in the context of other users, and impact system integrity and availability. This vulnerability has been identified by the vendor as: V-2022-004 — Client Inter-process Security.","cvss":6.9,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":6.9,"epss":0.00054,"ranking_epss":0.17033,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm","https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm","https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#mac-lack-auth-communication","https://www.vulncheck.com/advisories/vasion-print-printerlogic-insecure-interprocess-communication"],"published_time":"2025-09-19T19:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-34190","summary":"Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 25.1.102 and Application versions prior to 25.1.1413 (macOS/Linux client deployments) are vulnerable to an authentication bypass in PrinterInstallerClientService. The service requires root privileges for certain administrative operations, but these checks rely on calls to geteuid(). By preloading a malicious shared object overriding geteuid(), a local attacker can trick the service into believing it is running with root privileges. This bypass enables execution of administrative commands (e.g., enabling debug mode, managing configurations, or invoking privileged features) without proper authorization. While some actions requiring write access to protected files may still fail, the flaw effectively breaks the intended security model of the inter-process communication (IPC) system, allowing local attackers to escalate privileges and compromise system integrity. This vulnerability has been confirmed to be remediated, but it is unclear as to when the patch was introduced.","cvss":8.5,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":8.5,"epss":0.00049,"ranking_epss":0.14989,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm","https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm","https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#mac-auth-bypass-printerinstallerclientservice","https://www.vulncheck.com/advisories/vasion-print-printerlogic-authentication-bypass-via-ld-preload-hooking"],"published_time":"2025-09-19T19:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-34191","summary":"Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.843 and Application prior to 20.0.1923 (macOS/Linux client deployments) contain an arbitrary file write vulnerability via the response file handling. When tasks produce output the service writes response data into files under /opt/PrinterInstallerClient/tmp/responses/ reusing the requested filename. The service follows symbolic links in the responses directory and writes as the service user (typically root), allowing a local, unprivileged user to cause the service to overwrite or create arbitrary files on the filesystem as root. This can be used to modify configuration files, replace or inject binaries or drivers, and otherwise achieve local privilege escalation and full system compromise. This vulnerability has been identified by the vendor as: V-2023-019 — Arbitrary File Write as Root.","cvss":8.5,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":8.4,"cvss_v4":8.5,"epss":0.00062,"ranking_epss":0.19259,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm","https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm","https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#mac-arbitrary-file-write","https://www.vulncheck.com/advisories/vasion-print-printerlogic-arbitrary-file-write-as-root-via-response-path-symlink-follow"],"published_time":"2025-09-19T19:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-34192","summary":"Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.893 and Application versions prior to 20.0.2140 (macOS/Linux client deployments) are built against OpenSSL 1.0.2h-fips (released May 2016), which has been end-of-life since 2019 and is no longer supported by the OpenSSL project. Continued use of this outdated cryptographic library exposes deployments to known vulnerabilities that are no longer patched, weakening the overall security posture. Affected daemons may emit deprecation warnings and rely on cryptographic components with unresolved security flaws, potentially enabling attackers to exploit weaknesses in TLS/SSL processing or cryptographic operations. This vulnerability has been identified by the vendor as: V-2023-021 — Out-of-Date OpenSSL Library.","cvss":9.3,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":9.3,"epss":0.00588,"ranking_epss":0.69185,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm","https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm","https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#mac-outdated-openssl","https://www.vulncheck.com/advisories/vasion-print-printerlogic-usage-of-outdated-and-unsupported-openssl-version"],"published_time":"2025-09-19T19:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-34188","summary":"Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 1.0.735 and Application prior to 20.0.1330 (macOS/Linux client deployments) contain a vulnerability in the local logging mechanism. Authentication session tokens, including PHPSESSID, XSRF-TOKEN, and laravel_session, are stored in cleartext within world-readable log files. Any local user with access to the machine can extract these session tokens and use them to authenticate remotely to the SaaS environment, bypassing normal login credentials, potentially leading to unauthorized system access and exposure of sensitive information. This vulnerability has been identified by the vendor as: V-2022-008 — Secrets Leaked in Logs.","cvss":8.4,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":8.4,"epss":0.00073,"ranking_epss":0.22188,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm","https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm","https://pierrekim.github.io/blog/2025-04-08-vasion-printerlogic-83-vulnerabilities.html#mac-leak-secrets","https://www.vulncheck.com/advisories/vasion-print-printerlogic-local-log-disclosure-of-cleartext-sessions"],"published_time":"2025-09-19T19:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54262","summary":"Substance3D - Stager versions 3.1.3 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08654,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/substance3d_stager/apsb25-81.html"],"published_time":"2025-09-16T18:15:53","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54237","summary":"Substance3D - Stager versions 3.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06751,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/substance3d_stager/apsb25-81.html"],"published_time":"2025-09-16T18:15:52","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43366","summary":"An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Tahoe 26. An app may be able to disclose coprocessor memory.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02736,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","http://seclists.org/fulldisclosure/2025/Sep/53"],"published_time":"2025-09-15T23:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43367","summary":"A privacy issue was addressed by moving sensitive data. This issue is fixed in macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access protected user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03511,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43368","summary":"A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26, iOS 26 and iPadOS 26, macOS Tahoe 26. Processing maliciously crafted web content may lead to an unexpected Safari crash.","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00054,"ranking_epss":0.16984,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125108","https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125113","http://seclists.org/fulldisclosure/2025/Sep/49","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/59","http://www.openwall.com/lists/oss-security/2025/09/22/3"],"published_time":"2025-09-15T23:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43369","summary":"This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Tahoe 26. An app may be able to access protected user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02915,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","http://seclists.org/fulldisclosure/2025/Sep/53"],"published_time":"2025-09-15T23:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43372","summary":"The issue was addressed with improved input validation. This issue is fixed in iOS 26 and iPadOS 26, macOS Sonoma 14.8.2, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.13159,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125108","https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125114","https://support.apple.com/en-us/125115","https://support.apple.com/en-us/125116","https://support.apple.com/en-us/125636","http://seclists.org/fulldisclosure/2025/Sep/49","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/56","http://seclists.org/fulldisclosure/2025/Sep/57","http://seclists.org/fulldisclosure/2025/Sep/58"],"published_time":"2025-09-15T23:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43349","summary":"An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. Processing a maliciously crafted video file may lead to unexpected app termination.","cvss":2.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":2.8,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03513,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125108","https://support.apple.com/en-us/125109","https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","https://support.apple.com/en-us/125114","https://support.apple.com/en-us/125115","https://support.apple.com/en-us/125116","http://seclists.org/fulldisclosure/2025/Sep/49","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55","http://seclists.org/fulldisclosure/2025/Sep/56","http://seclists.org/fulldisclosure/2025/Sep/57","http://seclists.org/fulldisclosure/2025/Sep/58"],"published_time":"2025-09-15T23:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43353","summary":"The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. Processing a maliciously crafted string may lead to heap corruption.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03449,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43354","summary":"A logging issue was addressed with improved data redaction. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02933,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125108","https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125114","https://support.apple.com/en-us/125115","https://support.apple.com/en-us/125116","http://seclists.org/fulldisclosure/2025/Sep/49","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/56","http://seclists.org/fulldisclosure/2025/Sep/57","http://seclists.org/fulldisclosure/2025/Sep/58"],"published_time":"2025-09-15T23:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43355","summary":"A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. An app may be able to cause a denial-of-service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02913,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125108","https://support.apple.com/en-us/125109","https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","https://support.apple.com/en-us/125114","https://support.apple.com/en-us/125115","https://support.apple.com/en-us/125116","http://seclists.org/fulldisclosure/2025/Sep/49","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55","http://seclists.org/fulldisclosure/2025/Sep/56","http://seclists.org/fulldisclosure/2025/Sep/57","http://seclists.org/fulldisclosure/2025/Sep/58"],"published_time":"2025-09-15T23:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43356","summary":"The issue was addressed with improved handling of caches. This issue is fixed in Safari 26, iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. A website may be able to access sensor information without user consent.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00056,"ranking_epss":0.17565,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125108","https://support.apple.com/en-us/125109","https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125113","https://support.apple.com/en-us/125114","https://support.apple.com/en-us/125115","https://support.apple.com/en-us/125116","http://seclists.org/fulldisclosure/2025/Sep/49","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/56","http://seclists.org/fulldisclosure/2025/Sep/57","http://seclists.org/fulldisclosure/2025/Sep/59","http://www.openwall.com/lists/oss-security/2025/09/22/3"],"published_time":"2025-09-15T23:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43357","summary":"This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26. An app may be able to fingerprint the user.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03508,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125108","https://support.apple.com/en-us/125110","http://seclists.org/fulldisclosure/2025/Sep/49","http://seclists.org/fulldisclosure/2025/Sep/53"],"published_time":"2025-09-15T23:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43358","summary":"A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. A shortcut may be able to bypass sandbox restrictions.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02826,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125108","https://support.apple.com/en-us/125109","https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/49","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43359","summary":"A logic issue was addressed with improved state management. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. A UDP server socket bound to a local interface may become bound to all interfaces.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00128,"ranking_epss":0.32216,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125108","https://support.apple.com/en-us/125109","https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","https://support.apple.com/en-us/125114","https://support.apple.com/en-us/125115","https://support.apple.com/en-us/125116","http://seclists.org/fulldisclosure/2025/Sep/49","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55","http://seclists.org/fulldisclosure/2025/Sep/56","http://seclists.org/fulldisclosure/2025/Sep/57","http://seclists.org/fulldisclosure/2025/Sep/58"],"published_time":"2025-09-15T23:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43333","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to gain root privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.0459,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","http://seclists.org/fulldisclosure/2025/Sep/53"],"published_time":"2025-09-15T23:15:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43337","summary":"An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02203,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125635","http://seclists.org/fulldisclosure/2025/Sep/53"],"published_time":"2025-09-15T23:15:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43340","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to break out of its sandbox.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.0459,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","http://seclists.org/fulldisclosure/2025/Sep/53"],"published_time":"2025-09-15T23:15:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43341","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to gain root privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0002,"ranking_epss":0.05152,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43342","summary":"A correctness issue was addressed with improved checks. This issue is fixed in Safari 26, iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. Processing maliciously crafted web content may lead to an unexpected process crash.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00332,"ranking_epss":0.56124,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125108","https://support.apple.com/en-us/125109","https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125113","https://support.apple.com/en-us/125114","https://support.apple.com/en-us/125115","https://support.apple.com/en-us/125116","http://seclists.org/fulldisclosure/2025/Sep/49","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/57","http://seclists.org/fulldisclosure/2025/Sep/59","http://www.openwall.com/lists/oss-security/2025/09/22/3"],"published_time":"2025-09-15T23:15:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43343","summary":"The issue was addressed with improved memory handling. This issue is fixed in Safari 26, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. Processing maliciously crafted web content may lead to an unexpected process crash.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00168,"ranking_epss":0.37942,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125108","https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125113","https://support.apple.com/en-us/125114","https://support.apple.com/en-us/125115","https://support.apple.com/en-us/125116","http://seclists.org/fulldisclosure/2025/Sep/49","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/57","http://seclists.org/fulldisclosure/2025/Sep/59","http://www.openwall.com/lists/oss-security/2025/10/13/4","https://access.redhat.com/errata/RHSA-2025:19946","https://security-tracker.debian.org/tracker/CVE-2025-43343","https://ubuntu.com/security/CVE-2025-43343","https://webkitgtk.org/security/WSA-2025-0007.html"],"published_time":"2025-09-15T23:15:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43344","summary":"An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. An app may be able to cause unexpected system termination.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00022,"ranking_epss":0.05794,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125108","https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125114","https://support.apple.com/en-us/125115","https://support.apple.com/en-us/125116","http://seclists.org/fulldisclosure/2025/Sep/49","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/57","http://seclists.org/fulldisclosure/2025/Sep/58"],"published_time":"2025-09-15T23:15:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43346","summary":"An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.03068,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125108","https://support.apple.com/en-us/125109","https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125114","https://support.apple.com/en-us/125115","https://support.apple.com/en-us/125116","http://seclists.org/fulldisclosure/2025/Sep/49","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/56","http://seclists.org/fulldisclosure/2025/Sep/57","http://seclists.org/fulldisclosure/2025/Sep/58"],"published_time":"2025-09-15T23:15:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43347","summary":"This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. An input validation issue was addressed.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00175,"ranking_epss":0.38998,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125108","https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125114","https://support.apple.com/en-us/125115","https://support.apple.com/en-us/125116","http://seclists.org/fulldisclosure/2025/Sep/49","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/56","http://seclists.org/fulldisclosure/2025/Sep/57","http://seclists.org/fulldisclosure/2025/Sep/58"],"published_time":"2025-09-15T23:15:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43321","summary":"The issue was resolved by blocking unsigned services from launching on Intel Macs. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access protected user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02603,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43325","summary":"An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02915,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","http://seclists.org/fulldisclosure/2025/Sep/53"],"published_time":"2025-09-15T23:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43326","summary":"An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02444,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43327","summary":"The issue was addressed by adding additional logic. This issue is fixed in Safari 26, macOS Tahoe 26. Visiting a malicious website may lead to address bar spoofing.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00074,"ranking_epss":0.22273,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125113","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/59"],"published_time":"2025-09-15T23:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43328","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access sensitive user data.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02863,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","http://seclists.org/fulldisclosure/2025/Sep/53"],"published_time":"2025-09-15T23:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43329","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, watchOS 26. An app may be able to break out of its sandbox.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.03234,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125108","https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125114","https://support.apple.com/en-us/125116","http://seclists.org/fulldisclosure/2025/Sep/49","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/57"],"published_time":"2025-09-15T23:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43330","summary":"This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7, macOS Tahoe 26. An app may be able to break out of its sandbox.","cvss":8.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.2,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03409,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54"],"published_time":"2025-09-15T23:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43331","summary":"A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access protected user data.","cvss":4.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.0,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.04426,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","http://seclists.org/fulldisclosure/2025/Sep/53"],"published_time":"2025-09-15T23:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43332","summary":"A file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to break out of its sandbox.","cvss":5.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.2,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03778,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43310","summary":"A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to trick a user into copying sensitive data to the pasteboard.","cvss":4.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.4,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.04442,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43311","summary":"This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access protected user data.","cvss":5.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.1,"cvss_v4":null,"epss":0.00017,"ranking_epss":0.04281,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43312","summary":"A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to cause unexpected system termination.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03449,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43314","summary":"A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02635,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43315","summary":"This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access user-sensitive data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02603,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43316","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26, visionOS 26. A malicious app may be able to gain root privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0002,"ranking_epss":0.05152,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125115","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/58"],"published_time":"2025-09-15T23:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43317","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.0169,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125108","https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125114","https://support.apple.com/en-us/125115","https://support.apple.com/en-us/125116","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/57","http://seclists.org/fulldisclosure/2025/Sep/58"],"published_time":"2025-09-15T23:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43318","summary":"This issue was addressed with additional entitlement checks. This issue is fixed in macOS Tahoe 26. An app with root privileges may be able to access private information.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.0002,"ranking_epss":0.05202,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","http://seclists.org/fulldisclosure/2025/Sep/53"],"published_time":"2025-09-15T23:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43319","summary":"This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access protected user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02603,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43299","summary":"A denial-of-service issue was addressed with improved validation. This issue is fixed in iOS 18.7 and iPadOS 18.7, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to cause a denial-of-service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00024,"ranking_epss":0.06404,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125109","https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/50","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43301","summary":"A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access contact info related to notifications in Notification Center.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02332,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43302","summary":"An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. An app may be able to cause unexpected system termination.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02913,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125108","https://support.apple.com/en-us/125109","https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","https://support.apple.com/en-us/125114","https://support.apple.com/en-us/125115","https://support.apple.com/en-us/125116","http://seclists.org/fulldisclosure/2025/Sep/50","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55","http://seclists.org/fulldisclosure/2025/Sep/57","http://seclists.org/fulldisclosure/2025/Sep/58"],"published_time":"2025-09-15T23:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43303","summary":"A logging issue was addressed with improved data redaction. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02444,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125108","https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125114","https://support.apple.com/en-us/125115","https://support.apple.com/en-us/125116","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/57","http://seclists.org/fulldisclosure/2025/Sep/58"],"published_time":"2025-09-15T23:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43304","summary":"A race condition was addressed with improved state handling. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to gain root privileges.","cvss":7.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00011,"ranking_epss":0.01443,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43305","summary":"A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. A malicious app may be able to access private information.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00017,"ranking_epss":0.03977,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43307","summary":"This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in macOS Tahoe 26. An app may be able to access sensitive user data.","cvss":4.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.0,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.04426,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","http://seclists.org/fulldisclosure/2025/Sep/53"],"published_time":"2025-09-15T23:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43308","summary":"This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access sensitive user data.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00034,"ranking_epss":0.10031,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43286","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to break out of its sandbox.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06828,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43287","summary":"The issue was addressed with improved memory handling. This issue is fixed in macOS Tahoe 26. Processing a maliciously crafted image may corrupt process memory.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03522,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","http://seclists.org/fulldisclosure/2025/Sep/53"],"published_time":"2025-09-15T23:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43291","summary":"A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to modify protected parts of the file system.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00011,"ranking_epss":0.01411,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43292","summary":"A race condition was addressed with improved state handling. This issue is fixed in macOS Sequoia 15.7, macOS Sequoia 15.7.2, macOS Tahoe 26. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00013,"ranking_epss":0.02003,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125635","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54"],"published_time":"2025-09-15T23:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43293","summary":"The issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.0553,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43294","summary":"An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26, tvOS 26.1, watchOS 26.1. An app may be able to access sensitive user data.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.0002,"ranking_epss":0.05187,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125632","https://support.apple.com/en-us/125637","https://support.apple.com/en-us/125639","http://seclists.org/fulldisclosure/2025/Sep/53"],"published_time":"2025-09-15T23:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43295","summary":"A denial-of-service issue was addressed with improved validation. This issue is fixed in iOS 18.7 and iPadOS 18.7, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to cause a denial-of-service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03449,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125109","https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/50","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43297","summary":"A type confusion issue was addressed with improved memory handling. This issue is fixed in macOS Tahoe 26. An app may be able to cause a denial-of-service.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.0002,"ranking_epss":0.05361,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","http://seclists.org/fulldisclosure/2025/Sep/53"],"published_time":"2025-09-15T23:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43298","summary":"A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to gain root privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00033,"ranking_epss":0.09552,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43262","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. USB Restricted Mode may not be applied to accessories connected during boot.","cvss":5.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.1,"cvss_v4":null,"epss":0.0002,"ranking_epss":0.05362,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","http://seclists.org/fulldisclosure/2025/Sep/53"],"published_time":"2025-09-15T23:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43272","summary":"The issue was addressed with improved memory handling. This issue is fixed in Safari 26, iOS 26 and iPadOS 26, macOS Tahoe 26, visionOS 26, watchOS 26. Processing maliciously crafted web content may lead to an unexpected Safari crash.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00072,"ranking_epss":0.21978,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125108","https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125113","https://support.apple.com/en-us/125115","https://support.apple.com/en-us/125116","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/57","http://seclists.org/fulldisclosure/2025/Sep/59","http://www.openwall.com/lists/oss-security/2025/09/22/3"],"published_time":"2025-09-15T23:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43279","summary":"A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Tahoe 26. An app may be able to access user-sensitive data.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00019,"ranking_epss":0.05018,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","http://seclists.org/fulldisclosure/2025/Sep/53"],"published_time":"2025-09-15T23:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43283","summary":"An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Tahoe 26. An app may be able to cause unexpected system termination.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00022,"ranking_epss":0.05796,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","http://seclists.org/fulldisclosure/2025/Sep/53"],"published_time":"2025-09-15T23:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43285","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access protected user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.0169,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-31269","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access protected user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02587,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-31270","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access protected user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00017,"ranking_epss":0.04145,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","http://seclists.org/fulldisclosure/2025/Sep/53"],"published_time":"2025-09-15T23:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-31271","summary":"This issue was addressed through improved state management. This issue is fixed in macOS Tahoe 26. Incoming FaceTime calls can appear or be accepted on a locked macOS device, even with notifications disabled on the lock screen.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.12923,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","http://seclists.org/fulldisclosure/2025/Sep/53"],"published_time":"2025-09-15T23:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43190","summary":"A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, visionOS 26, watchOS 26. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02321,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125108","https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","https://support.apple.com/en-us/125115","https://support.apple.com/en-us/125116","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55","http://seclists.org/fulldisclosure/2025/Sep/57","http://seclists.org/fulldisclosure/2025/Sep/58"],"published_time":"2025-09-15T23:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43204","summary":"This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Tahoe 26. An app may be able to break out of its sandbox.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03316,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","http://seclists.org/fulldisclosure/2025/Sep/53"],"published_time":"2025-09-15T23:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43207","summary":"This issue was addressed with improved entitlements. This issue is fixed in macOS Tahoe 26. An app may be able to access user-sensitive data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02915,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","http://seclists.org/fulldisclosure/2025/Sep/53"],"published_time":"2025-09-15T23:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43208","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to read sensitive location information.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00017,"ranking_epss":0.04145,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","http://seclists.org/fulldisclosure/2025/Sep/53"],"published_time":"2025-09-15T23:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43231","summary":"A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8. An app may be able to access user-sensitive data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.04379,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-24088","summary":"The issue was addressed by adding additional logic. This issue is fixed in macOS Tahoe 26. An app may be able to override MDM-enforced settings from profiles.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00061,"ranking_epss":0.18969,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","http://seclists.org/fulldisclosure/2025/Sep/53"],"published_time":"2025-09-15T23:15:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-24197","summary":"A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00017,"ranking_epss":0.03977,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-31255","summary":"An authorization issue was addressed with improved state management. This issue is fixed in iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, tvOS 26, watchOS 26. An app may be able to access sensitive user data.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00112,"ranking_epss":0.2969,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125108","https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","https://support.apple.com/en-us/125114","https://support.apple.com/en-us/125116","http://seclists.org/fulldisclosure/2025/Sep/49","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55","http://seclists.org/fulldisclosure/2025/Sep/57"],"published_time":"2025-09-15T23:15:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-31268","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access protected user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.0169,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/125110","https://support.apple.com/en-us/125111","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Sep/53","http://seclists.org/fulldisclosure/2025/Sep/54","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-09-15T23:15:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-10200","summary":"Use after free in Serviceworker in Google Chrome on Desktop prior to 140.0.7339.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00088,"ranking_epss":0.25155,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_9.html","https://issues.chromium.org/issues/440454442"],"published_time":"2025-09-10T19:15:40","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54240","summary":"After Effects versions 25.3, 24.6.7 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure, potentially disclosing sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06751,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/after_effects/apsb25-86.html"],"published_time":"2025-09-09T21:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54241","summary":"After Effects versions 25.3, 24.6.7 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure, potentially disclosing sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06751,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/after_effects/apsb25-86.html"],"published_time":"2025-09-09T21:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54239","summary":"After Effects versions 25.3, 24.6.7 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure, potentially disclosing sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06751,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/after_effects/apsb25-86.html"],"published_time":"2025-09-09T21:15:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54255","summary":"Acrobat Reader versions 24.001.30254, 20.005.30774, 25.001.20672 and earlier are affected by a Violation of Secure Design Principles vulnerability that could result in a security feature bypass impacting integrity. An attacker does not have to be authenticated. Exploitation of this issue does not require user interaction, and scope is unchanged.","cvss":4.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.0,"cvss_v4":null,"epss":0.00056,"ranking_epss":0.1741,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/acrobat/apsb25-85.html"],"published_time":"2025-09-09T20:15:44","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54257","summary":"Acrobat Reader versions 24.001.30254, 20.005.30774, 25.001.20672 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file, and scope is unchanged.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00041,"ranking_epss":0.12232,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/acrobat/apsb25-85.html","https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2222"],"published_time":"2025-09-09T20:15:44","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54242","summary":"Premiere Pro versions 25.3, 24.6.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file, and scope is unchanged.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00041,"ranking_epss":0.12232,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/premiere_pro/apsb25-87.html"],"published_time":"2025-09-09T19:15:51","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54256","summary":"Dreamweaver Desktop versions 21.5 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must click on a malicious link, and scope is changed.","cvss":8.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.6,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02645,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/dreamweaver/apsb25-91.html"],"published_time":"2025-09-09T19:15:51","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-9326","summary":"Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26784.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00075,"ranking_epss":0.22561,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://www.foxit.com/support/security-bulletins.html","https://www.zerodayinitiative.com/advisories/ZDI-25-866/"],"published_time":"2025-09-02T21:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-9328","summary":"Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26773.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00075,"ranking_epss":0.22561,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://www.foxit.com/support/security-bulletins.html","https://www.zerodayinitiative.com/advisories/ZDI-25-864/"],"published_time":"2025-09-02T21:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-9329","summary":"Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26772.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00075,"ranking_epss":0.22561,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://www.foxit.com/support/security-bulletins.html","https://www.zerodayinitiative.com/advisories/ZDI-25-863/"],"published_time":"2025-09-02T21:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-9324","summary":"Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26802.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08223,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://www.foxit.com/support/security-bulletins.html","https://www.zerodayinitiative.com/advisories/ZDI-25-868/"],"published_time":"2025-09-02T21:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-9325","summary":"Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26785.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08223,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://www.foxit.com/support/security-bulletins.html","https://www.zerodayinitiative.com/advisories/ZDI-25-867/"],"published_time":"2025-09-02T21:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-9815","summary":"A weakness has been identified in alaneuler batteryKid up to 2.1 on macOS. The affected element is an unknown function of the file PrivilegeHelper/PrivilegeHelper.swift of the component NSXPCListener. This manipulation causes missing authentication. It is possible to launch the attack on the local host. The exploit has been made available to the public and could be exploited.","cvss":8.5,"cvss_version":4.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":8.5,"epss":0.00054,"ranking_epss":0.16708,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/SwayZGl1tZyyy/n-days/blob/main/batteryKid/README.md","https://github.com/SwayZGl1tZyyy/n-days/blob/main/batteryKid/README.md#proof-of-concepts","https://vuldb.com/?ctiid.322142","https://vuldb.com/?id.322142","https://vuldb.com/?submit.641358","https://github.com/SwayZGl1tZyyy/n-days/blob/main/batteryKid/README.md","https://github.com/SwayZGl1tZyyy/n-days/blob/main/batteryKid/README.md#proof-of-concepts"],"published_time":"2025-09-02T05:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43268","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6. A malicious app may be able to gain root privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.04563,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","http://seclists.org/fulldisclosure/2025/Jul/32"],"published_time":"2025-08-29T01:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43284","summary":"An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause unexpected system termination.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00015,"ranking_epss":0.02943,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151"],"published_time":"2025-08-29T01:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-54554","summary":"This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.1. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00024,"ranking_epss":0.06473,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/121564"],"published_time":"2025-08-29T01:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-54568","summary":"The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2. Parsing a maliciously crafted file may lead to an unexpected app termination.","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00044,"ranking_epss":0.1337,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/121839"],"published_time":"2025-08-29T01:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43187","summary":"This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. Running an hdiutil command may unexpectedly execute arbitrary code.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05628,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-08-29T01:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43255","summary":"An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause unexpected system termination.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.0002,"ranking_epss":0.05331,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-08-29T01:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2024-44271","summary":"The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2. An app may be able to record the screen without an indicator.","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00017,"ranking_epss":0.03878,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/121839"],"published_time":"2025-08-29T01:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-9478","summary":"Use after free in ANGLE in Google Chrome prior to 139.0.7258.154 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00161,"ranking_epss":0.37046,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_26.html","https://issues.chromium.org/issues/437825940"],"published_time":"2025-08-26T19:15:51","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-23315","summary":"NVIDIA NeMo Framework for all platforms contains a vulnerability in the export and deploy component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00038,"ranking_epss":0.11172,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2025-23315","https://nvidia.custhelp.com/app/answers/detail/a_id/5689","https://www.cve.org/CVERecord?id=CVE-2025-23315"],"published_time":"2025-08-26T19:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43300","summary":"An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 15.8.5, iOS 16.7.12 and iPadOS 16.7.12, iOS 18.6.2 and iPadOS 18.6.2, iPadOS 17.7.10, macOS Sequoia 15.6.1, macOS Sonoma 14.7.8, macOS Ventura 13.7.8. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.","cvss":10.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":10.0,"cvss_v4":null,"epss":0.02406,"ranking_epss":0.85104,"kev":true,"propose_action":"Apple iOS, iPadOS, and macOS contain an out-of-bounds write vulnerability in the Image I/O framework.","ransomware_campaign":"Unknown","references":["https://support.apple.com/en-us/124925","https://support.apple.com/en-us/124926","https://support.apple.com/en-us/124927","https://support.apple.com/en-us/124928","https://support.apple.com/en-us/124929","https://support.apple.com/en-us/125141","https://support.apple.com/en-us/125142","http://seclists.org/fulldisclosure/2025/Sep/10","http://seclists.org/fulldisclosure/2025/Sep/14","http://seclists.org/fulldisclosure/2025/Sep/52","https://github.com/b1n4r1b01/n-days/blob/main/CVE-2025-43300.md","https://github.com/cisagov/vulnrichment/issues/201","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-43300"],"published_time":"2025-08-21T01:15:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-9132","summary":"Out of bounds write in V8 in Google Chrome prior to 139.0.7258.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00143,"ranking_epss":0.34525,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_19.html","https://issues.chromium.org/issues/436181695"],"published_time":"2025-08-20T01:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-36047","summary":"IBM WebSphere Application Server Liberty 18.0.0.2 through 25.0.0.8 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00105,"ranking_epss":0.28566,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://www.ibm.com/support/pages/node/7242086","https://www.kb.cert.org/vuls/id/767506"],"published_time":"2025-08-14T16:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-23303","summary":"NVIDIA NeMo Framework for all platforms contains a vulnerability where a user could cause a deserialization of untrusted data by remote code execution. A successful exploit of this vulnerability might lead to code execution and data tampering.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01789,"ranking_epss":0.82782,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2025-23303","https://nvidia.custhelp.com/app/answers/detail/a_id/5686","https://www.cve.org/CVERecord?id=CVE-2025-23303"],"published_time":"2025-08-13T18:15:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-23304","summary":"NVIDIA NeMo library for all platforms contains a vulnerability in the model loading component, where an attacker could cause code injection by loading .nemo files with maliciously crafted metadata. A successful exploit of this vulnerability may lead to remote code execution and data tampering.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00372,"ranking_epss":0.59021,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2025-23304","https://nvidia.custhelp.com/app/answers/detail/a_id/5686","https://www.cve.org/CVERecord?id=CVE-2025-23304"],"published_time":"2025-08-13T18:15:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-48500","summary":"A missing file integrity check vulnerability exists on MacOS F5 VPN browser client installer that may allow a local, authenticated attacker with access to the local file system to replace it with a malicious package installer. \nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated.","cvss":7.0,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":7.3,"cvss_v4":7.0,"epss":0.0001,"ranking_epss":0.01093,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://my.f5.com/manage/s/article/K000151782"],"published_time":"2025-08-13T15:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-8901","summary":"Out of bounds write in ANGLE in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00087,"ranking_epss":0.24942,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html","https://issues.chromium.org/issues/435139154"],"published_time":"2025-08-13T03:15:40","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-8882","summary":"Use after free in Aura in Google Chrome prior to 139.0.7258.127 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.0018,"ranking_epss":0.39683,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html","https://issues.chromium.org/issues/435623339"],"published_time":"2025-08-13T03:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-8881","summary":"Inappropriate implementation in File Picker in Google Chrome prior to 139.0.7258.127 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06895,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html","https://issues.chromium.org/issues/433800617"],"published_time":"2025-08-13T03:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-8880","summary":"Race in V8 in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00136,"ranking_epss":0.3335,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html","https://issues.chromium.org/issues/433533359"],"published_time":"2025-08-13T03:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-8879","summary":"Heap buffer overflow in libaom in Google Chrome prior to 139.0.7258.127 allowed a remote attacker to potentially exploit heap corruption via a curated set of gestures. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00121,"ranking_epss":0.3116,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html","https://issues.chromium.org/issues/432035817"],"published_time":"2025-08-13T03:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54238","summary":"Dimension versions 4.1.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00028,"ranking_epss":0.07771,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/dimension/apsb25-84.html"],"published_time":"2025-08-12T23:15:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54222","summary":"Substance3D - Stager versions 3.1.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08866,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/substance3d_stager/apsb25-81.html"],"published_time":"2025-08-12T22:15:26","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54228","summary":"InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00028,"ranking_epss":0.07771,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb25-79.html"],"published_time":"2025-08-12T21:15:43","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54221","summary":"InCopy versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08866,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/incopy/apsb25-80.html"],"published_time":"2025-08-12T21:15:42","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54223","summary":"InCopy versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00041,"ranking_epss":0.12446,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/incopy/apsb25-80.html"],"published_time":"2025-08-12T21:15:42","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54224","summary":"InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00041,"ranking_epss":0.12446,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb25-79.html"],"published_time":"2025-08-12T21:15:42","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54225","summary":"InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00041,"ranking_epss":0.12446,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb25-79.html"],"published_time":"2025-08-12T21:15:42","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54226","summary":"InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00041,"ranking_epss":0.12446,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb25-79.html"],"published_time":"2025-08-12T21:15:42","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54227","summary":"InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00028,"ranking_epss":0.07771,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb25-79.html"],"published_time":"2025-08-12T21:15:42","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54215","summary":"InCopy versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08866,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/incopy/apsb25-80.html"],"published_time":"2025-08-12T21:15:41","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54216","summary":"InCopy versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08866,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/incopy/apsb25-80.html"],"published_time":"2025-08-12T21:15:41","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54217","summary":"InCopy versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08866,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/incopy/apsb25-80.html"],"published_time":"2025-08-12T21:15:41","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54218","summary":"InCopy versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08866,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/incopy/apsb25-80.html"],"published_time":"2025-08-12T21:15:41","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54219","summary":"InCopy versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08866,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/incopy/apsb25-80.html"],"published_time":"2025-08-12T21:15:41","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54220","summary":"InCopy versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08866,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/incopy/apsb25-80.html"],"published_time":"2025-08-12T21:15:41","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54209","summary":"InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08866,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb25-79.html"],"published_time":"2025-08-12T21:15:40","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54210","summary":"InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08866,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb25-79.html"],"published_time":"2025-08-12T21:15:40","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54211","summary":"InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08866,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb25-79.html"],"published_time":"2025-08-12T21:15:40","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54212","summary":"InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08866,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb25-79.html"],"published_time":"2025-08-12T21:15:40","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54213","summary":"InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08866,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb25-79.html"],"published_time":"2025-08-12T21:15:40","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54214","summary":"InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00028,"ranking_epss":0.07771,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb25-79.html"],"published_time":"2025-08-12T21:15:40","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54206","summary":"InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08866,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb25-79.html"],"published_time":"2025-08-12T21:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54207","summary":"InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08866,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb25-79.html"],"published_time":"2025-08-12T21:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-54208","summary":"InDesign Desktop versions 20.4, 19.5.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08866,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb25-79.html"],"published_time":"2025-08-12T21:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-49561","summary":"Animate versions 23.0.12, 24.0.9 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00041,"ranking_epss":0.12446,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/animate/apsb25-73.html"],"published_time":"2025-08-12T21:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-49562","summary":"Animate versions 23.0.12, 24.0.9 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00034,"ranking_epss":0.09817,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/animate/apsb25-73.html"],"published_time":"2025-08-12T21:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-49570","summary":"Photoshop Desktop versions 25.12.3, 26.8 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08866,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/photoshop/apsb25-75.html"],"published_time":"2025-08-12T21:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-49564","summary":"Illustrator versions 28.7.8, 29.6.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08866,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/illustrator/apsb25-74.html"],"published_time":"2025-08-12T17:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-49567","summary":"Illustrator versions 28.7.8, 29.6.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing a disruption in service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05747,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/illustrator/apsb25-74.html"],"published_time":"2025-08-12T17:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-49568","summary":"Illustrator versions 28.7.8, 29.6.1 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00034,"ranking_epss":0.09817,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/illustrator/apsb25-74.html"],"published_time":"2025-08-12T17:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-49563","summary":"Illustrator versions 28.7.8, 29.6.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00031,"ranking_epss":0.08866,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/illustrator/apsb25-74.html"],"published_time":"2025-08-12T17:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-8672","summary":"MacOS version of GIMP bundles a Python interpreter that inherits the Transparency, Consent, and Control (TCC) permissions\ngranted by the user to the main application bundle. An attacker with local user access can\ninvoke this interpreter with arbitrary commands or scripts, leveraging the\napplication's previously granted TCC permissions to access user's files in privacy-protected folders without triggering user prompts. Accessing other resources beyond previously granted TCC permissions will prompt the user for approval in the name of GIMP, potentially disguising attacker's malicious intent.\n\nThis issue has been fixed in 3.1.4.2 version of GIMP.","cvss":4.8,"cvss_version":4.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":4.8,"epss":0.00023,"ranking_epss":0.06101,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://cert.pl/en/posts/2025/08/tcc-bypass/","https://gitlab.gnome.org/GNOME/gimp/-/issues/13848","https://gitlab.gnome.org/Infrastructure/gimp-macos-build","https://www.jamf.com/blog/zero-day-tcc-bypass-discovered-in-xcsset-malware/"],"published_time":"2025-08-11T13:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-8576","summary":"Use after free in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00214,"ranking_epss":0.4394,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/414760982"],"published_time":"2025-08-07T02:15:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-8577","summary":"Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00058,"ranking_epss":0.17972,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/384050903"],"published_time":"2025-08-07T02:15:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-8578","summary":"Use after free in Cast in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00214,"ranking_epss":0.4394,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/423387026"],"published_time":"2025-08-07T02:15:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-8579","summary":"Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00058,"ranking_epss":0.17972,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/407791462"],"published_time":"2025-08-07T02:15:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-8580","summary":"Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00058,"ranking_epss":0.17972,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/411544197"],"published_time":"2025-08-07T02:15:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-8581","summary":"Inappropriate implementation in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00046,"ranking_epss":0.13902,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/416942878"],"published_time":"2025-08-07T02:15:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-8582","summary":"Insufficient validation of untrusted input in Core in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00067,"ranking_epss":0.20686,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/40089450"],"published_time":"2025-08-07T02:15:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-8583","summary":"Inappropriate implementation in Permissions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.00049,"ranking_epss":0.15196,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html","https://issues.chromium.org/issues/373794472"],"published_time":"2025-08-07T02:15:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-8292","summary":"Use after free in Media Stream in Google Chrome prior to 138.0.7204.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00125,"ranking_epss":0.31739,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_29.html","https://issues.chromium.org/issues/426054987"],"published_time":"2025-07-30T02:17:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43267","summary":"An injection issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00026,"ranking_epss":0.07283,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","http://seclists.org/fulldisclosure/2025/Jul/32"],"published_time":"2025-07-30T00:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43270","summary":"An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may gain unauthorized access to Local Network.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05749,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43273","summary":"A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.8. A sandboxed process may be able to circumvent sandbox restrictions.","cvss":9.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.1,"cvss_v4":null,"epss":0.00072,"ranking_epss":0.22005,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-07-30T00:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43274","summary":"A privacy issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6. A sandboxed process may be able to circumvent sandbox restrictions.","cvss":4.4,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.4,"cvss_v4":null,"epss":0.00014,"ranking_epss":0.02619,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","http://seclists.org/fulldisclosure/2025/Jul/32"],"published_time":"2025-07-30T00:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43275","summary":"A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to break out of its sandbox.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00113,"ranking_epss":0.29862,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43276","summary":"A logic error was addressed with improved error handling. This issue is fixed in macOS Sequoia 15.6. iCloud Private Relay may not activate when more than one user is logged in at the same time.","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00105,"ranking_epss":0.28498,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","http://seclists.org/fulldisclosure/2025/Jul/32"],"published_time":"2025-07-30T00:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43277","summary":"The issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, macOS Sonoma 14.8, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing a maliciously crafted audio file may lead to memory corruption.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00035,"ranking_epss":0.10336,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124147","https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124153","https://support.apple.com/en-us/124154","https://support.apple.com/en-us/124155","https://support.apple.com/en-us/125112","http://seclists.org/fulldisclosure/2025/Jul/30","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/35","http://seclists.org/fulldisclosure/2025/Jul/37","http://seclists.org/fulldisclosure/2025/Sep/55"],"published_time":"2025-07-30T00:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43252","summary":"This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sequoia 15.6. A website may be able to access sensitive user data when resolving symlinks.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00067,"ranking_epss":0.20664,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","http://seclists.org/fulldisclosure/2025/Jul/32"],"published_time":"2025-07-30T00:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43253","summary":"This issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. A malicious app may be able to launch arbitrary binaries on a trusted device.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00162,"ranking_epss":0.37105,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33"],"published_time":"2025-07-30T00:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43254","summary":"An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. Processing a maliciously crafted file may lead to unexpected app termination.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00019,"ranking_epss":0.05073,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43256","summary":"This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to gain root privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.04475,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33"],"published_time":"2025-07-30T00:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43259","summary":"This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An attacker with physical access to a locked device may be able to view sensitive user information.","cvss":4.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.6,"cvss_v4":null,"epss":0.00045,"ranking_epss":0.13718,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43260","summary":"This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to hijack entitlements granted to other privileged apps.","cvss":5.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.1,"cvss_v4":null,"epss":0.00024,"ranking_epss":0.06414,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33"],"published_time":"2025-07-30T00:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43261","summary":"A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to break out of its sandbox.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00224,"ranking_epss":0.45178,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43265","summary":"An out-of-bounds read was addressed with improved input validation. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may disclose internal states of the app.","cvss":4.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.0,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07596,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124147","https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124152","https://support.apple.com/en-us/124153","https://support.apple.com/en-us/124154","https://support.apple.com/en-us/124155","http://seclists.org/fulldisclosure/2025/Aug/0","http://seclists.org/fulldisclosure/2025/Jul/30","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/35","http://seclists.org/fulldisclosure/2025/Jul/37","http://www.openwall.com/lists/oss-security/2025/08/02/1","https://lists.debian.org/debian-lts-announce/2025/08/msg00015.html"],"published_time":"2025-07-30T00:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43266","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to break out of its sandbox.","cvss":5.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.1,"cvss_v4":null,"epss":0.00022,"ranking_epss":0.0589,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:37","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43241","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to read files outside of its sandbox.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.04401,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43243","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to modify protected parts of the file system.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.0011,"ranking_epss":0.29392,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43244","summary":"A race condition was addressed with improved state handling. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause unexpected system termination.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00113,"ranking_epss":0.29862,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43245","summary":"A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00129,"ranking_epss":0.32261,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43246","summary":"This issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00019,"ranking_epss":0.0502,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33"],"published_time":"2025-07-30T00:15:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43247","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. A malicious app with root privileges may be able to modify the contents of system files.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00074,"ranking_epss":0.22346,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43248","summary":"A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. A malicious app may be able to gain root privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07574,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33"],"published_time":"2025-07-30T00:15:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43249","summary":"A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to gain root privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.0801,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43250","summary":"A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to break out of its sandbox.","cvss":4.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.0,"cvss_v4":null,"epss":0.00037,"ranking_epss":0.11094,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43251","summary":"An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.6. A local attacker may gain access to Keychain items.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0002,"ranking_epss":0.05442,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","http://seclists.org/fulldisclosure/2025/Jul/32"],"published_time":"2025-07-30T00:15:36","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43229","summary":"This issue was addressed through improved state management. This issue is fixed in Safari 18.6, macOS Sequoia 15.6. Processing maliciously crafted web content may lead to universal cross site scripting.","cvss":6.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.1,"cvss_v4":null,"epss":0.0007,"ranking_epss":0.21409,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124152","http://seclists.org/fulldisclosure/2025/Aug/0","http://seclists.org/fulldisclosure/2025/Jul/32"],"published_time":"2025-07-30T00:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43230","summary":"The issue was addressed with additional permissions checks. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. An app may be able to access user-sensitive data.","cvss":4.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.0,"cvss_v4":null,"epss":0.00025,"ranking_epss":0.06843,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124147","https://support.apple.com/en-us/124148","https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124153","https://support.apple.com/en-us/124154","https://support.apple.com/en-us/124155","http://seclists.org/fulldisclosure/2025/Jul/30","http://seclists.org/fulldisclosure/2025/Jul/31","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/35","http://seclists.org/fulldisclosure/2025/Jul/37"],"published_time":"2025-07-30T00:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43232","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to bypass certain Privacy preferences.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.0011,"ranking_epss":0.29392,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43233","summary":"This issue was addressed with improved access restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. A malicious app acting as a HTTPS proxy could get access to sensitive user data.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00129,"ranking_epss":0.32261,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43234","summary":"Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing a maliciously crafted texture may lead to unexpected app termination.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00232,"ranking_epss":0.46098,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124147","https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124153","https://support.apple.com/en-us/124154","https://support.apple.com/en-us/124155","http://seclists.org/fulldisclosure/2025/Jul/30","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/35","http://seclists.org/fulldisclosure/2025/Jul/37"],"published_time":"2025-07-30T00:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43235","summary":"The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6. An app may be able to cause a denial-of-service.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00018,"ranking_epss":0.04633,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","http://seclists.org/fulldisclosure/2025/Jul/32"],"published_time":"2025-07-30T00:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43237","summary":"An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6. An app may be able to cause unexpected system termination.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00103,"ranking_epss":0.28196,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","http://seclists.org/fulldisclosure/2025/Jul/32"],"published_time":"2025-07-30T00:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43239","summary":"An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. Processing a maliciously crafted file may lead to unexpected app termination.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00019,"ranking_epss":0.05073,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43240","summary":"A logic issue was addressed with improved checks. This issue is fixed in Safari 18.6, macOS Sequoia 15.6. A download's origin may be incorrectly associated.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00057,"ranking_epss":0.17683,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124152","http://seclists.org/fulldisclosure/2025/Aug/0","http://seclists.org/fulldisclosure/2025/Jul/32","http://www.openwall.com/lists/oss-security/2025/08/02/1","https://lists.debian.org/debian-lts-announce/2025/08/msg00015.html"],"published_time":"2025-07-30T00:15:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43220","summary":"This issue was addressed with improved validation of symlinks. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.0023,"ranking_epss":0.45834,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124148","https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/31","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43221","summary":"An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00019,"ranking_epss":0.05073,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124147","https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124153","https://support.apple.com/en-us/124154","http://seclists.org/fulldisclosure/2025/Jul/30","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/36","http://seclists.org/fulldisclosure/2025/Jul/37"],"published_time":"2025-07-30T00:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43222","summary":"A use-after-free issue was addressed by removing the vulnerable code. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An attacker may be able to cause unexpected app termination.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00123,"ranking_epss":0.3142,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124148","https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/31","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43223","summary":"A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6. A non-privileged user may be able to modify restricted network settings.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00194,"ranking_epss":0.41371,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124147","https://support.apple.com/en-us/124148","https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","https://support.apple.com/en-us/124153","https://support.apple.com/en-us/124154","https://support.apple.com/en-us/124155","http://seclists.org/fulldisclosure/2025/Jul/30","http://seclists.org/fulldisclosure/2025/Jul/31","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/35","http://seclists.org/fulldisclosure/2025/Jul/36","http://seclists.org/fulldisclosure/2025/Jul/37"],"published_time":"2025-07-30T00:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43224","summary":"An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00019,"ranking_epss":0.05073,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124147","https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124153","https://support.apple.com/en-us/124154","http://seclists.org/fulldisclosure/2025/Jul/30","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/36","http://seclists.org/fulldisclosure/2025/Jul/37"],"published_time":"2025-07-30T00:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43225","summary":"A logging issue was addressed with improved data redaction. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0002,"ranking_epss":0.05351,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124148","https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/31","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43226","summary":"An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing a maliciously crafted image may result in disclosure of process memory.","cvss":4.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.0,"cvss_v4":null,"epss":0.00028,"ranking_epss":0.07774,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124147","https://support.apple.com/en-us/124148","https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124153","https://support.apple.com/en-us/124154","https://support.apple.com/en-us/124155","http://seclists.org/fulldisclosure/2025/Jul/30","http://seclists.org/fulldisclosure/2025/Jul/31","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/35","http://seclists.org/fulldisclosure/2025/Jul/36","http://seclists.org/fulldisclosure/2025/Jul/37"],"published_time":"2025-07-30T00:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43227","summary":"This issue was addressed through improved state management. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may disclose sensitive user information.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00214,"ranking_epss":0.43957,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124147","https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124152","https://support.apple.com/en-us/124153","https://support.apple.com/en-us/124154","https://support.apple.com/en-us/124155","http://seclists.org/fulldisclosure/2025/Aug/0","http://seclists.org/fulldisclosure/2025/Jul/30","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/35","http://seclists.org/fulldisclosure/2025/Jul/36","http://www.openwall.com/lists/oss-security/2025/08/02/1","https://lists.debian.org/debian-lts-announce/2025/08/msg00015.html"],"published_time":"2025-07-30T00:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43209","summary":"An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00205,"ranking_epss":0.42714,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124147","https://support.apple.com/en-us/124148","https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","https://support.apple.com/en-us/124153","https://support.apple.com/en-us/124154","https://support.apple.com/en-us/124155","http://seclists.org/fulldisclosure/2025/Jul/31","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34","http://seclists.org/fulldisclosure/2025/Jul/36","http://seclists.org/fulldisclosure/2025/Jul/37"],"published_time":"2025-07-30T00:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43211","summary":"The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing web content may lead to a denial-of-service.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00023,"ranking_epss":0.06156,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124147","https://support.apple.com/en-us/124148","https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124152","https://support.apple.com/en-us/124153","https://support.apple.com/en-us/124154","https://support.apple.com/en-us/124155","http://seclists.org/fulldisclosure/2025/Aug/0","http://seclists.org/fulldisclosure/2025/Jul/31","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/36","http://www.openwall.com/lists/oss-security/2025/08/02/1","https://lists.debian.org/debian-lts-announce/2025/08/msg00015.html"],"published_time":"2025-07-30T00:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43212","summary":"The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00127,"ranking_epss":0.32006,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124147","https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124152","https://support.apple.com/en-us/124153","https://support.apple.com/en-us/124154","https://support.apple.com/en-us/124155","http://seclists.org/fulldisclosure/2025/Aug/0","http://seclists.org/fulldisclosure/2025/Jul/30","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/36","http://www.openwall.com/lists/oss-security/2025/08/02/1","https://lists.debian.org/debian-lts-announce/2025/08/msg00015.html"],"published_time":"2025-07-30T00:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43213","summary":"The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00164,"ranking_epss":0.37419,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124147","https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124152","https://support.apple.com/en-us/124153","https://support.apple.com/en-us/124154","https://support.apple.com/en-us/124155","http://seclists.org/fulldisclosure/2025/Aug/0","http://seclists.org/fulldisclosure/2025/Jul/30","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/36"],"published_time":"2025-07-30T00:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43214","summary":"The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00218,"ranking_epss":0.4447,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124147","https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124152","https://support.apple.com/en-us/124153","https://support.apple.com/en-us/124154","https://support.apple.com/en-us/124155","http://seclists.org/fulldisclosure/2025/Aug/0","http://seclists.org/fulldisclosure/2025/Jul/30","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/35","http://seclists.org/fulldisclosure/2025/Jul/36"],"published_time":"2025-07-30T00:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43215","summary":"The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted image may result in disclosure of process memory.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05652,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","http://seclists.org/fulldisclosure/2025/Jul/32"],"published_time":"2025-07-30T00:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43216","summary":"A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00153,"ranking_epss":0.36062,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124147","https://support.apple.com/en-us/124148","https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124152","https://support.apple.com/en-us/124153","https://support.apple.com/en-us/124154","https://support.apple.com/en-us/124155","http://seclists.org/fulldisclosure/2025/Aug/0","http://seclists.org/fulldisclosure/2025/Jul/30","http://seclists.org/fulldisclosure/2025/Jul/31","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/35","http://seclists.org/fulldisclosure/2025/Jul/36","http://www.openwall.com/lists/oss-security/2025/08/02/1","https://lists.debian.org/debian-lts-announce/2025/08/msg00015.html"],"published_time":"2025-07-30T00:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43218","summary":"An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted USD file may disclose memory contents.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00021,"ranking_epss":0.05652,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","http://seclists.org/fulldisclosure/2025/Jul/32"],"published_time":"2025-07-30T00:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43192","summary":"A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. Account-driven User Enrollment may still be possible with Lockdown Mode turned on.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00108,"ranking_epss":0.29065,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33"],"published_time":"2025-07-30T00:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43193","summary":"The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause a denial-of-service.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00146,"ranking_epss":0.35043,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43194","summary":"The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to modify protected parts of the file system.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00129,"ranking_epss":0.32261,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43195","summary":"An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access sensitive user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00026,"ranking_epss":0.0728,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43196","summary":"A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to gain root privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.13098,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43197","summary":"This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access sensitive user data.","cvss":4.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.0,"cvss_v4":null,"epss":0.00027,"ranking_epss":0.07496,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43198","summary":"This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to access protected user data.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00108,"ranking_epss":0.29065,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33"],"published_time":"2025-07-30T00:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43199","summary":"A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. A malicious app may be able to gain root privileges.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.0011,"ranking_epss":0.29392,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43206","summary":"A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access protected user data.","cvss":4.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.0,"cvss_v4":null,"epss":0.00037,"ranking_epss":0.1109,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-31279","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to fingerprint the user.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00105,"ranking_epss":0.28578,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124148","https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/31","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-31280","summary":"A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted file may lead to heap corruption.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0003,"ranking_epss":0.08562,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","http://seclists.org/fulldisclosure/2025/Jul/32"],"published_time":"2025-07-30T00:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-31281","summary":"An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6. Processing a maliciously crafted file may lead to unexpected app termination.","cvss":9.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.1,"cvss_v4":null,"epss":0.00162,"ranking_epss":0.37074,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124147","https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124153","https://support.apple.com/en-us/124154","http://seclists.org/fulldisclosure/2025/Jul/30","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/36","http://seclists.org/fulldisclosure/2025/Jul/37"],"published_time":"2025-07-30T00:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43184","summary":"This issue was addressed by adding an additional prompt for user consent. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. A shortcut may be able to bypass sensitive Shortcuts app settings.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00109,"ranking_epss":0.29109,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/122373","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43185","summary":"A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.6. An app may be able to access protected user data.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00012,"ranking_epss":0.01509,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","http://seclists.org/fulldisclosure/2025/Jul/32"],"published_time":"2025-07-30T00:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43186","summary":"The issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6. Parsing a file may lead to an unexpected app termination.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00238,"ranking_epss":0.46923,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124147","https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","https://support.apple.com/en-us/124153","https://support.apple.com/en-us/124154","https://support.apple.com/en-us/124155","http://seclists.org/fulldisclosure/2025/Jul/30","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34","http://seclists.org/fulldisclosure/2025/Jul/36","http://seclists.org/fulldisclosure/2025/Jul/37"],"published_time":"2025-07-30T00:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43188","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6. A malicious app may be able to gain root privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00022,"ranking_epss":0.05784,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","http://seclists.org/fulldisclosure/2025/Jul/32"],"published_time":"2025-07-30T00:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43189","summary":"This issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. A malicious app may be able to read kernel memory.","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.00123,"ranking_epss":0.31461,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33"],"published_time":"2025-07-30T00:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43191","summary":"A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to cause a denial-of-service.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.0004,"ranking_epss":0.11893,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-24188","summary":"A logic issue was addressed with improved checks. This issue is fixed in Safari 18.6, macOS Sequoia 15.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00146,"ranking_epss":0.34975,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124152","http://seclists.org/fulldisclosure/2025/Aug/0","http://seclists.org/fulldisclosure/2025/Jul/32"],"published_time":"2025-07-30T00:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-24224","summary":"The issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5, iPadOS 17.7.9, macOS Sequoia 15.5, macOS Ventura 13.7.7, tvOS 18.5, visionOS 2.5, watchOS 11.5. A remote attacker may be able to cause unexpected system termination.","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00365,"ranking_epss":0.58546,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/122404","https://support.apple.com/en-us/122716","https://support.apple.com/en-us/122720","https://support.apple.com/en-us/122721","https://support.apple.com/en-us/122722","https://support.apple.com/en-us/124148","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/31","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-31243","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to gain root privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00016,"ranking_epss":0.03599,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-31273","summary":"The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00141,"ranking_epss":0.34253,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124147","https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124152","https://support.apple.com/en-us/124153","https://support.apple.com/en-us/124154","https://support.apple.com/en-us/124155","http://seclists.org/fulldisclosure/2025/Aug/0","http://seclists.org/fulldisclosure/2025/Jul/30","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/36","http://www.openwall.com/lists/oss-security/2025/08/02/1","https://lists.debian.org/debian-lts-announce/2025/08/msg00015.html"],"published_time":"2025-07-30T00:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-31275","summary":"A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6. A sandboxed process may be able to launch any installed app.","cvss":6.2,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.2,"cvss_v4":null,"epss":0.0003,"ranking_epss":0.08455,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124149","http://seclists.org/fulldisclosure/2025/Jul/32"],"published_time":"2025-07-30T00:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-31277","summary":"The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00176,"ranking_epss":0.39143,"kev":true,"propose_action":"Apple Safari, iOS, watchOS, visionOS, iPadOS, macOS, and tvOS contain a buffer overflow vulnerability that could allow the processing of maliciously crafted web content which may lead to memory corruption.","ransomware_campaign":"Unknown","references":["https://support.apple.com/en-us/124147","https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124152","https://support.apple.com/en-us/124153","https://support.apple.com/en-us/124154","https://support.apple.com/en-us/124155","http://seclists.org/fulldisclosure/2025/Aug/0","http://seclists.org/fulldisclosure/2025/Jul/30","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/36","https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain/","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-31277"],"published_time":"2025-07-30T00:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-31278","summary":"The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption.","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00142,"ranking_epss":0.34449,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/124147","https://support.apple.com/en-us/124148","https://support.apple.com/en-us/124149","https://support.apple.com/en-us/124152","https://support.apple.com/en-us/124153","https://support.apple.com/en-us/124154","https://support.apple.com/en-us/124155","http://seclists.org/fulldisclosure/2025/Aug/0","http://seclists.org/fulldisclosure/2025/Jul/31","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/36","http://www.openwall.com/lists/oss-security/2025/08/02/1","https://lists.debian.org/debian-lts-announce/2025/08/msg00015.html"],"published_time":"2025-07-30T00:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-24119","summary":"This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00023,"ranking_epss":0.06183,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://support.apple.com/en-us/122068","https://support.apple.com/en-us/124150","https://support.apple.com/en-us/124151","http://seclists.org/fulldisclosure/2025/Jul/33","http://seclists.org/fulldisclosure/2025/Jul/34"],"published_time":"2025-07-30T00:15:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-8011","summary":"Type Confusion in V8 in Google Chrome prior to 138.0.7204.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00082,"ranking_epss":0.23998,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_22.html","https://issues.chromium.org/issues/430572435"],"published_time":"2025-07-22T22:15:39","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-8010","summary":"Type Confusion in V8 in Google Chrome prior to 138.0.7204.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00093,"ranking_epss":0.26067,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_22.html","https://issues.chromium.org/issues/430344952"],"published_time":"2025-07-22T22:15:38","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-6558","summary":"Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00168,"ranking_epss":0.37984,"kev":true,"propose_action":"Google Chromium contains an improper input validation vulnerability in ANGLE and GPU. This vulnerability could allow a remote attacker to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.","ransomware_campaign":"Unknown","references":["https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_15.html","https://issues.chromium.org/issues/427162086","http://seclists.org/fulldisclosure/2025/Aug/0","http://seclists.org/fulldisclosure/2025/Jul/30","http://seclists.org/fulldisclosure/2025/Jul/32","http://seclists.org/fulldisclosure/2025/Jul/35","http://seclists.org/fulldisclosure/2025/Jul/37","http://www.openwall.com/lists/oss-security/2025/08/02/1","https://lists.debian.org/debian-lts-announce/2025/08/msg00015.html","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-6558"],"published_time":"2025-07-15T18:15:24","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-5199","summary":"In Canonical Multipass up to and including version 1.15.1 on macOS, incorrect default permissions allow a local attacker to escalate privileges by modifying files executed with administrative privileges by a Launch Daemon during system startup.","cvss":7.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.3,"cvss_v4":null,"epss":0.00017,"ranking_epss":0.03805,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://github.com/canonical/multipass/pull/4115","https://github.com/canonical/multipass/security/advisories/GHSA-2j82-p5cq-62p3","https://github.com/canonical/multipass/security/advisories/GHSA-2j82-p5cq-62p3"],"published_time":"2025-07-12T00:15:23","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-47099","summary":"InCopy versions 20.3, 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.12936,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/incopy/apsb25-59.html"],"published_time":"2025-07-08T23:15:24","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-47097","summary":"InCopy versions 20.3, 19.5.3 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.12936,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/incopy/apsb25-59.html"],"published_time":"2025-07-08T23:15:23","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-47098","summary":"InCopy versions 20.3, 19.5.3 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.12936,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/incopy/apsb25-59.html"],"published_time":"2025-07-08T23:15:23","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-49531","summary":"Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.12936,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/illustrator/apsb25-65.html"],"published_time":"2025-07-08T22:15:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-49532","summary":"Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.12936,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/illustrator/apsb25-65.html"],"published_time":"2025-07-08T22:15:27","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-49524","summary":"Illustrator versions 28.7.6, 29.5.1 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing a disruption in service. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00029,"ranking_epss":0.08201,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/illustrator/apsb25-65.html"],"published_time":"2025-07-08T22:15:26","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-49525","summary":"Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00042,"ranking_epss":0.12607,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/illustrator/apsb25-65.html"],"published_time":"2025-07-08T22:15:26","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-49526","summary":"Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.12936,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/illustrator/apsb25-65.html"],"published_time":"2025-07-08T22:15:26","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-49527","summary":"Illustrator versions 28.7.6, 29.5.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.12936,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/illustrator/apsb25-65.html"],"published_time":"2025-07-08T22:15:26","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-49528","summary":"Illustrator versions 28.7.6, 29.5.1 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.12936,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/illustrator/apsb25-65.html"],"published_time":"2025-07-08T22:15:26","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-49529","summary":"Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.12936,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/illustrator/apsb25-65.html"],"published_time":"2025-07-08T22:15:26","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-49530","summary":"Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.12936,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/illustrator/apsb25-65.html"],"published_time":"2025-07-08T22:15:26","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43591","summary":"InDesign Desktop versions 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.12936,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb25-60.html"],"published_time":"2025-07-08T22:15:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43592","summary":"InDesign Desktop versions 19.5.3 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.12936,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb25-60.html"],"published_time":"2025-07-08T22:15:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-43594","summary":"InDesign Desktop versions 19.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.12936,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb25-60.html"],"published_time":"2025-07-08T22:15:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-47103","summary":"InDesign Desktop versions 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.12936,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb25-60.html"],"published_time":"2025-07-08T22:15:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-47134","summary":"InDesign Desktop versions 19.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.12936,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb25-60.html"],"published_time":"2025-07-08T22:15:25","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2025-47136","summary":"InDesign Desktop versions 19.5.3 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00043,"ranking_epss":0.12936,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://helpx.adobe.com/security/products/indesign/apsb25-60.html"],"published_time":"2025-07-08T22:15:25","vendor":null,"product":null,"version":null}]}