Known Vulnerabilities for products from Apple
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Apple".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Apple can be found at device.report : Apple
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-40599 json | Not Provided | 2026-04-21 | 2026-04-21 | |
| CVE-2026-35562 json | Allocation of resources without limits in the parsing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a th... | Not Provided | 2026-04-03 | 2026-04-14 |
| CVE-2026-35561 json | Insufficient authentication security controls in the browser-based authentication components in Amazon Athena ODBC driver bef... | Not Provided | 2026-04-03 | 2026-04-14 |
| CVE-2026-35560 json | Improper certificate validation in the identity provider connection components in Amazon Athena ODBC driver before 2.1.0.0 mi... | Not Provided | 2026-04-03 | 2026-04-14 |
| CVE-2026-35559 json | Out-of-bounds write in the query processing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor... | Not Provided | 2026-04-03 | 2026-04-14 |
| CVE-2026-35558 json | Improper neutralization of special elements in the authentication components in Amazon Athena ODBC driver before 2.1.0.0 migh... | Not Provided | 2026-04-03 | 2026-04-14 |
| CVE-2026-34626 json | Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modific... | Not Provided | 2026-04-14 | 2026-04-16 |
| CVE-2026-34622 json | Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modific... | Not Provided | 2026-04-14 | 2026-04-16 |
| CVE-2026-34621 json | Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Objec... | Not Provided | 2026-04-11 | 2026-04-13 |
| CVE-2026-34385 json | Not Provided | 2026-03-27 | 2026-03-31 | |
| CVE-2026-33874 json | Gematik Authenticator securely authenticates users for login to digital health applications. Starting in version 4.12.0 and p... | Not Provided | 2026-03-27 | 2026-04-21 |
| CVE-2026-31520 json | Not Provided | 2026-04-22 | 2026-04-22 | |
| CVE-2026-30867 json | CocoaMQTT is a MQTT 5.0 client library for iOS and macOS written in Swift. Prior to version 2.2.2, a vulnerability exists in ... | Not Provided | 2026-04-02 | 2026-04-07 |
| CVE-2026-28871 json | A logic issue was addressed with improved checks. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 ... | Not Provided | 2026-03-25 | 2026-03-30 |
| CVE-2026-28815 json | A remote attacker can supply a short X-Wing HPKE encapsulated key and trigger an out-of-bounds read in the C decapsulation pa... | Not Provided | 2026-04-03 | 2026-04-13 |
| CVE-2026-28727 json | Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protec... | Not Provided | 2026-03-06 | 2026-04-02 |
| CVE-2026-27309 json | Substance3D - Stager versions 3.1.7 and earlier are affected by a Use After Free vulnerability that could result in arbitrary... | Not Provided | 2026-03-27 | 2026-03-30 |
| CVE-2026-27289 json | Photoshop Desktop versions 27.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, ... | Not Provided | 2026-04-14 | 2026-04-15 |
| CVE-2026-27286 json | InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead... | Not Provided | 2026-04-14 | 2026-04-16 |
| CVE-2026-26127 json | Out-of-bounds read in .NET allows an unauthorized attacker to deny service over a network. | Not Provided | 2026-03-10 | 2026-04-01 |
Known software with vulnerabilities from Apple
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Apple | 802.11n | 7.3.1 |
| Application | Apple | Afp Server | - |
| Hardware | Apple | Airport Base Station | - |
| Operating System | Apple | Airport Base Station Firmware | 7.3.2 |
| Hardware | Apple | Airport Card | - |
| Hardware | Apple | Airport Express | - |
| Hardware | Apple | Airport Express Base Station Firmware | 6.1 |
| Hardware | Apple | Airport Extreme | - |
| Hardware | Apple | Airport Extreme Base Station Firmware | 5.5 |
| Application | Apple | Apache Mod Digest Apple | - |
| Application | Apple | Applescript | - |
| Application | Apple | Appleshare Mail Server | 5.0.3 |
| Hardware | Apple | Apple Airport Base Station Firmware | - |
| Application | Apple | Apple Application Support | 1.0 |
| Hardware | Apple | Apple Laserwriter | - |
| Application | Apple | Apple Mobile Device Support | 2.1.0.25 |
| Application | Apple | Apple Music | 1.2.1 |
| Application | Apple | Apple Remote Desktop | 1.2.4 |
| Application | Apple | Apple Support | 1.0 |
| Application | Apple | Apple Tv | 1.0.0 |