Known Vulnerabilities for products from Apple
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Apple".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Apple can be found at device.report : Apple
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-43661 json | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS T... | Not Provided | 2026-05-11 | 2026-05-12 |
| CVE-2026-43660 json | A validation issue was addressed with improved logic. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadO... | Not Provided | 2026-05-11 | 2026-05-12 |
| CVE-2026-40604 json | ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.6, the opfi... | Not Provided | 2026-04-21 | 2026-04-24 |
| CVE-2026-40599 json | ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.5, Clearanc... | Not Provided | 2026-04-21 | 2026-04-24 |
| CVE-2026-39871 json | A path handling issue was addressed with improved logic. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, ma... | Not Provided | 2026-05-11 | 2026-05-12 |
| CVE-2026-35562 json | Allocation of resources without limits in the parsing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a th... | Not Provided | 2026-04-03 | 2026-04-14 |
| CVE-2026-35561 json | Insufficient authentication security controls in the browser-based authentication components in Amazon Athena ODBC driver bef... | Not Provided | 2026-04-03 | 2026-04-14 |
| CVE-2026-35560 json | Improper certificate validation in the identity provider connection components in Amazon Athena ODBC driver before 2.1.0.0 mi... | Not Provided | 2026-04-03 | 2026-04-14 |
| CVE-2026-35559 json | Out-of-bounds write in the query processing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor... | Not Provided | 2026-04-03 | 2026-04-14 |
| CVE-2026-35558 json | Improper neutralization of special elements in the authentication components in Amazon Athena ODBC driver before 2.1.0.0 migh... | Not Provided | 2026-04-03 | 2026-04-14 |
| CVE-2026-34626 json | Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modific... | Not Provided | 2026-04-14 | 2026-04-16 |
| CVE-2026-34622 json | Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modific... | Not Provided | 2026-04-14 | 2026-04-16 |
| CVE-2026-34621 json | Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Objec... | Not Provided | 2026-04-11 | 2026-04-13 |
| CVE-2026-34617 json | Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Cross-Site Scripting (XSS) vulnerability that could result... | Not Provided | 2026-04-14 | 2026-04-22 |
| CVE-2026-34615 json | Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could... | Not Provided | 2026-04-14 | 2026-04-28 |
| CVE-2026-34614 json | Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an ... | Not Provided | 2026-04-14 | 2026-04-22 |
| CVE-2026-34385 json | Not Provided | 2026-03-27 | 2026-03-31 | |
| CVE-2026-33874 json | Gematik Authenticator securely authenticates users for login to digital health applications. Starting in version 4.12.0 and p... | Not Provided | 2026-03-27 | 2026-04-21 |
| CVE-2026-33450 json | CVE-2026-33450 is an out of bounds read vulnerability in the Secure Access MacOS client prior to 14.50. Attackers with contr... | Not Provided | 2026-04-30 | 2026-05-05 |
| CVE-2026-33448 json | CVE-2026-33448 is a format string vulnerability in the logging subsystem of Secure Access client for MacOS prior to 14.50. A... | Not Provided | 2026-04-30 | 2026-05-05 |
Known software with vulnerabilities from Apple
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Apple | 802.11n | 7.3.1 |
| Application | Apple | Afp Server | - |
| Hardware | Apple | Airport Base Station | - |
| Operating System | Apple | Airport Base Station Firmware | 7.3.2 |
| Hardware | Apple | Airport Card | - |
| Hardware | Apple | Airport Express | - |
| Hardware | Apple | Airport Express Base Station Firmware | 6.1 |
| Hardware | Apple | Airport Extreme | - |
| Hardware | Apple | Airport Extreme Base Station Firmware | 5.5 |
| Application | Apple | Apache Mod Digest Apple | - |
| Application | Apple | Applescript | - |
| Application | Apple | Appleshare Mail Server | 5.0.3 |
| Hardware | Apple | Apple Airport Base Station Firmware | - |
| Application | Apple | Apple Application Support | 1.0 |
| Hardware | Apple | Apple Laserwriter | - |
| Application | Apple | Apple Mobile Device Support | 2.1.0.25 |
| Application | Apple | Apple Music | 1.2.1 |
| Application | Apple | Apple Remote Desktop | 1.2.4 |
| Application | Apple | Apple Support | 1.0 |
| Application | Apple | Apple Tv | 1.0.0 |