Vulnerabilities in Apple

3,795 results
Vexday analysis

O ecossistema Apple acumula 3.758 CVEs catalogadas, das quais 87 estão confirmadas em exploração ativa no catálogo KEV da CISA — uma taxa que supera em 5,2 vezes a média geral do catálogo, sinalizando exposição operacional significativamente elevada. Com 154 vulnerabilidades de severidade crítica e 72 com prova de conceito pública disponível, a superfície de ataque explorável é considerável, exigindo priorização rigorosa de patches. O tipo de falha mais recorrente é CWE-200 (exposição de informações sensíveis), padrão que tende a facilitar movimentação lateral e exfiltração de dados em cadeias de ataque mais complexas. A CVE mais perigosa atualmente ativa, CVE-2021-30860, apresenta EPSS de 0,76, indicando alta probabilidade de exploração, e deve ser tratada como prioridade imediata por equipes ainda não corrigidas.

CVE-2026-28888MEDIUMA race condition was addressed with improved state handling. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 2EPSS 0.2%CVE-2023-42969LOWAn app may be able to break out of its sandbox. This issue is fixed in iOS 17 and iPadOS 17, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14, macOEPSS 0.2%CVE-2026-43700MEDIUMA cross-origin issue was addressed with improved tracking of security origins. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 2EPSS 0.1%CVE-2025-46307MEDIUMA logic issue was addressed with improved restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access sensitive user dEPSS 0.1%CVE-2024-40792LOWA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. A malicious app may be able to chanEPSS 0.1%CVE-2025-43518LOWA logic issue was addressed with improved checks. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3EPSS 0.1%CVE-2023-42832HIGHA race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS VentuEPSS 0.1%CVE-2026-28919HIGHA consistency issue was addressed with improved state handling. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS TahoEPSS 0.1%CVE-2025-43284MEDIUMAn out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS VenEPSS 0.1%CVE-2025-46282MEDIUMThe issue was addressed with additional permissions checks. This issue is fixed in Safari 26.2, macOS Tahoe 26.2. An app may be able to acceEPSS 0.1%CVE-2026-20674MEDIUMA privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 26.3 and iPadOS 26.3. An attacker with physical access EPSS 0.1%CVE-2023-42974HIGHA race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 anEPSS 0.1%CVE-2025-43508MEDIUMA logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive EPSS 0.1%CVE-2025-43351MEDIUMA permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to access protecEPSS 0.1%CVE-2025-31195MEDIUMThe issue was addressed by adding additional logic. This issue is fixed in macOS Sequoia 15.4. An app may be able to break out of its sandboEPSS 0.1%CVE-2024-44305HIGHThis issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.6. An app may be able to gain root privilegEPSS 0.1%CVE-2025-43309LOWA logic issue was addressed with improved checks. This issue is fixed in iOS 26 and iPadOS 26. An attacker with physical access to an iOS deEPSS 0.1%CVE-2026-43666MEDIUMAn out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and EPSS 0.1%CVE-2026-43722MEDIUMThe issue was addressed with improved input sanitization. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. An app maEPSS 0.1%CVE-2026-43653MEDIUMThe issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS EPSS 0.1%