Total CVEs

142,027

Critical Severity

3,943

High Severity

14,108

Last 7 Days

1,699
Quick preset (or use dates below)
Clear Filters
Showing 11,821 - 11,840 of 14,604 CVEs
CVE-2026-20680 MEDIUM - 6.5

The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3. A sandboxed app may be able to access sensitive user data.

Vendor: Apple
Product: macOS, iOS and iPadOS
Published: Feb 11, 2026
Source: NVD
CVE-2026-20678 MEDIUM - 5.5

An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An app may be able to access sensitive user data.

Vendor: Apple
Product: iOS and iPadOS
Published: Feb 11, 2026
Source: NVD
CVE-2026-20676 MEDIUM - 5.3

This issue was addressed through improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, Safari 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extensions.

Vendor: Apple
Product: Safari, macOS, visionOS, iOS and iPadOS
Published: Feb 11, 2026
Source: NVD
CVE-2026-20675 MEDIUM - 5.5

The issue was addressed with improved bounds checks. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. Processing a maliciously crafted image may lead to disclosure of us...

Vendor: Apple
Product: macOS, watchOS, visionOS, iOS and iPadOS, tvOS
Published: Feb 11, 2026
Source: NVD
CVE-2026-20674 MEDIUM - 4.6

A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 26.3 and iPadOS 26.3. An attacker with physical access to a locked device may be able to view sensitive user information.

Vendor: Apple
Product: iOS and iPadOS
Published: Feb 11, 2026
Source: NVD
CVE-2026-20673 MEDIUM - 5.3

A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26.3, macOS Sonoma 14.8.4. Turning off "Load remote content in messagesโ€ may not apply to all mail previews.

Vendor: Apple
Product: macOS, iOS and iPadOS
Published: Feb 11, 2026
Source: NVD
CVE-2026-20669 MEDIUM - 5.5

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Tahoe 26.3. An app may be able to access sensitive user data.

Vendor: Apple
Product: macOS
Published: Feb 11, 2026
Source: NVD
CVE-2026-20666 MEDIUM - 5.5

An authorization issue was addressed with improved state management. This issue is fixed in macOS Tahoe 26.3. An app may be able to access sensitive user data.

Vendor: Apple
Product: macOS
Published: Feb 11, 2026
Source: NVD
CVE-2026-20662 MEDIUM - 4.6

An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3. An attacker with physical access to a locked device may be able to view sensitive user information.

Vendor: Apple
Product: macOS
Published: Feb 11, 2026
Source: NVD
CVE-2026-20661 MEDIUM - 4.6

An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An attacker with physical access to a locked device may be able to view sensitive user information.

Vendor: Apple
Product: iOS and iPadOS
Published: Feb 11, 2026
Source: NVD
CVE-2026-20655 MEDIUM - 5.5

An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An attacker with physical access to a locked device may be able to view sensitive user information.

Vendor: Apple
Product: iOS and iPadOS
Published: Feb 11, 2026
Source: NVD
CVE-2026-20654 MEDIUM - 5.5

The issue was addressed with improved memory handling. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to cause unexpected system termination.

Vendor: Apple
Product: macOS, watchOS, visionOS, iOS and iPadOS, tvOS
Published: Feb 11, 2026
Source: NVD
CVE-2026-20653 MEDIUM - 5.5

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to access sensitive user data.

Vendor: Apple
Product: macOS, visionOS, iOS and iPadOS
Published: Feb 11, 2026
Source: NVD
CVE-2026-20648 MEDIUM - 5.5

A privacy issue was addressed by moving sensitive data to a protected location. This issue is fixed in macOS Tahoe 26.3. A malicious app may be able to access notifications from other iCloud devices.

Vendor: Apple
Product: macOS
Published: Feb 11, 2026
Source: NVD
CVE-2026-20647 MEDIUM - 5.5

This issue was addressed with improved data protection. This issue is fixed in macOS Tahoe 26.3. An app may be able to access sensitive user data.

Vendor: Apple
Product: macOS
Published: Feb 11, 2026
Source: NVD
CVE-2026-20645 MEDIUM - 4.6

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An attacker with physical access to a locked device may be able to view sensitive user information.

Vendor: Apple
Product: iOS and iPadOS
Published: Feb 11, 2026
Source: NVD
CVE-2026-20644 MEDIUM - 6.5

The issue was addressed with improved memory handling. This issue is fixed in macOS Tahoe 26.3, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3, Safari 26.3. Processing maliciously crafted web content may lead to an unexpected process crash.

Vendor: Apple
Product: Safari, macOS, visionOS, iOS and iPadOS
Published: Feb 11, 2026
Source: NVD
CVE-2026-20640 MEDIUM - 4.6

An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3. An attacker with physical access to iPhone may be able to take and view screenshots of sensitive data from the iPhone during iPhone Mirroring with Mac.

Vendor: Apple
Product: iOS and iPadOS
Published: Feb 11, 2026
Source: NVD
CVE-2026-20638 MEDIUM - 5.5

A logic issue was addressed with improved checks. This issue is fixed in iOS 26.3 and iPadOS 26.3. A user with Live Caller ID app extensions turned off could have identifying information leaked to the extensions.

Vendor: Apple
Product: iOS and iPadOS
Published: Feb 11, 2026
Source: NVD
CVE-2026-20636 MEDIUM - 6.5

The issue was addressed with improved memory handling. This issue is fixed in iOS 26.3 and iPadOS 26.3, Safari 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash.

Vendor: Apple
Product: Safari, macOS, visionOS, iOS and iPadOS
Published: Feb 11, 2026
Source: NVD