← Zuruck zu CVEs
CVE-2026-28876
HIGH7.5
Beschreibung
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4. An app may be able to access sensitive user data.
CVE Details
CVSS v3.1 Bewertung7.5
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht3/25/2026
Zuletzt geandert3/25/2026
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
apple:ipadosapple:iphone_osapple:macosapple:visionos
Schwachen (CWE)
CWE-284
Referenzen
https://support.apple.com/en-us/126792(product-security@apple.com)
https://support.apple.com/en-us/126793(product-security@apple.com)
https://support.apple.com/en-us/126794(product-security@apple.com)
https://support.apple.com/en-us/126795(product-security@apple.com)
https://support.apple.com/en-us/126796(product-security@apple.com)
https://support.apple.com/en-us/126799(product-security@apple.com)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.