Description
CVE-2026-28951 is an authorization issue in the macOS Kernel that was addressed with improved state management. According to Apple's advisory, the flaw could allow an app to gain root privileges. It was reported by Csaba Fitzl (@theevilbit) of Iru.
Impact
Exploitation of this vulnerability could allow a local app to escalate to root privileges by exploiting a kernel-level authorization gap. Apple addressed the issue with improved state management in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, and macOS Tahoe 26.5.
CVE-2025-24201
CVE-2025-24201 is an out-of-bounds write vulnerability in WebKit, Apple's browser engine. Maliciously crafted web content could exploit this issue to break out of the Web Content sandbox, potentially leading to arbitrary code execution. Apple addressed this vulnerability by implementing improved che
Learn MoreCVE-2025-14847
MongoDB Server vulnerability CVE-2025-14847, dubbed MongoBleed, allows unauthenticated remote attackers to leak sensitive data.
Learn MoreCVE-2025-24236
CVE-2025-24236 is a security vulnerability in Apple's macOS that could allow an application to access sensitive user data. The issue was addressed by Apple through additional sandbox restrictions in macOS Sequoia 15.4 and macOS Sonoma 14.7.5. The vulnerability was discovered by Csaba Fitzl (@theevil
Learn More