{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-28867", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2026-03-03T16:36:03.973Z", "datePublished": "2026-03-25T00:31:37.433Z", "dateUpdated": "2026-03-25T00:31:37.433Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to leak sensitive kernel state"}]}], "affected": [{"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"version": "0", "status": "affected", "lessThan": "18.7.7", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThan": "26.4", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"version": "0", "status": "affected", "lessThan": "15.7.5", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThan": "26.4", "versionType": "custom"}]}, {"vendor": "Apple", "product": "tvOS", "versions": [{"version": "0", "status": "affected", "lessThan": "26.4", "versionType": "custom"}]}, {"vendor": "Apple", "product": "visionOS", "versions": [{"version": "0", "status": "affected", "lessThan": "26.4", "versionType": "custom"}]}, {"vendor": "Apple", "product": "watchOS", "versions": [{"version": "0", "status": "affected", "lessThan": "26.4", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "This issue was addressed with improved authentication. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to leak sensitive kernel state."}], "references": [{"url": "https://support.apple.com/en-us/126792"}, {"url": "https://support.apple.com/en-us/126793"}, {"url": "https://support.apple.com/en-us/126794"}, {"url": "https://support.apple.com/en-us/126795"}, {"url": "https://support.apple.com/en-us/126797"}, {"url": "https://support.apple.com/en-us/126798"}, {"url": "https://support.apple.com/en-us/126799"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-03-25T00:31:37.433Z"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "This issue was addressed with improved authentication. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to leak sensitive kernel state."}], "id": "CVE-2026-28867", "lastModified": "2026-03-25T15:41:33.977", "metrics": {}, "published": "2026-03-25T01:17:10.783", "references": [{"source": "product-security@apple.com", "url": "https://support.apple.com/en-us/126792"}, {"source": "product-security@apple.com", "url": "https://support.apple.com/en-us/126793"}, {"source": "product-security@apple.com", "url": "https://support.apple.com/en-us/126794"}, {"source": "product-security@apple.com", "url": "https://support.apple.com/en-us/126795"}, {"source": "product-security@apple.com", "url": "https://support.apple.com/en-us/126797"}, {"source": "product-security@apple.com", "url": "https://support.apple.com/en-us/126798"}, {"source": "product-security@apple.com", "url": "https://support.apple.com/en-us/126799"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Awaiting Analysis"}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,18.7.7)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,26.4)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "iOS and iPadOS", "source": "cna", "vendor": "Apple"}, "product": "ios_and_ipados", "vendor": "apple"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,15.7.5)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,26.4)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "macOS", "source": "cna", "vendor": "Apple"}, "product": "macos", "vendor": "apple"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,26.4)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "tvOS", "source": "cna", "vendor": "Apple"}, "product": "tvos", "vendor": "apple"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,26.4)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "visionOS", "source": "cna", "vendor": "Apple"}, "product": "visionos", "vendor": "apple"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,26.4)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "watchOS", "source": "cna", "vendor": "Apple"}, "product": "watchos", "vendor": "apple"}], "analysis": {"en": {"generated_at": "2026-03-25T02:50:30.618256+00:00", "value": {"mitigation_remediation": ["Upgrade iOS to version 18.7.7 or later", "Upgrade iPadOS to version 18.7.7 or later", "Upgrade macOS to version Sequoia 15.7.5 or later", "Upgrade macOS to version Tahoe 26.4 or later", "Upgrade tvOS to 26.4 or later", "Upgrade visionOS to 26.4 or later", "Upgrade watchOS to 26.4 or later"], "summary": {"action": "Apply Update", "impact": "Sensitive kernel information may be exposed to applications"}, "threat_synthesis": {"affected_systems": "Apple iOS, iPadOS, macOS, tvOS, visionOS, and watchOS are affected. The specific versions lacking protection include iOS 18.7.7 and iPadOS 18.7.7, as well as iOS 26.4 and iPadOS 26.4. macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, and watchOS 26.4. Any device running a version prior to these updates is vulnerable.", "description_and_impact": "The vulnerability allows a local application to access privileged kernel memory and reveal sensitive system information. Because the flaw stems from weakened authentication mechanisms, a malicious app could read data that should be protected, potentially exposing cryptographic keys, configuration details, or other confidential artifacts. This information disclosure could support further attacks, including privilege escalation or persistence, depending on the application's capabilities.", "risk_and_exploitability": "No EPSS score is currently published, and the vulnerability is not listed in the CISA KEV catalog, suggesting limited publicly known exploitation activity. The CVSS score is not provided, so the overall severity cannot be quantified from the data. However, the flaw can be exploited by any application that runs with user privileges on the affected operating systems, making it relatively easy for a malicious author to craft a payload that reads kernel memory. The attack vector is likely local, reliant on the ability to install or execute a native app on the device."}}}}, "created": "2026-03-25T11:37:04.466903+00:00", "title": "Kernel State Leakage via Improper Authentication in Apple Operating Systems", "updated": "2026-03-25T20:56:49.302911+00:00", "vendors": ["apple", "apple$PRODUCT$ios_and_ipados", "apple$PRODUCT$macos", "apple$PRODUCT$tvos", "apple$PRODUCT$visionos", "apple$PRODUCT$watchos"], "weaknesses": ["CWE-200", "CWE-287"]}