{"id":12777,"date":"2026-05-12T04:03:41","date_gmt":"2026-05-12T04:03:41","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2026\/05\/12\/32976\/"},"modified":"2026-05-12T04:03:41","modified_gmt":"2026-05-12T04:03:41","slug":"32976","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2026\/05\/12\/32976\/","title":{"rendered":"Apple Patches Everything, (Mon, May 11th)"},"content":{"rendered":"<p>    Apple Patches Everything, (Mon, May 11th)<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>\n<p>Apple today released its typical feature update across it&#8217;s operating systems (iOS, iPadOS, macOS, tvOS, watchOS, vision OS). With this update, Apple patched 84 different vulnerabilities. Updates are available for the &#8220;26&#8221; series of operating systems, as well as for the previous &#8220;18&#8221; version of iOS\/iPadOS, and two versions back for macOS (version 14 and 15).<\/p>\n<p>None of the vulnerabilities has been exploited. The number of addressed vulnerabilities is about average compared to similar Apple updates.<\/p>\n<p><img data-recalc-dims=\"1\" decoding=\"async\" alt=\"\" src=\"https:\/\/i0.wp.com\/isc.sans.edu\/diaryimages\/images\/Screenshot%25202026-05-11%2520at%25203_17_51%25E2%2580%25AFPM.png?ssl=1\" style=\"width: 600px; height: 349px;\"><\/p>\n<p>Figure: Number of Vulnerabilities patched for each security update. Last one in red at the end.<\/p>\n<table class=\"datatable\">\n<thead>\n<tr>\n<th>iOS 26.5 and iPadOS 26.5<\/th>\n<th>iOS 18.7.9 and iPadOS 18.7.9<\/th>\n<th>macOS Tahoe 26.5<\/th>\n<th>macOS Sequoia 15.7.7<\/th>\n<th>macOS Sonoma 14.8.7<\/th>\n<th>tvOS 26.5<\/th>\n<th>watchOS 26.5<\/th>\n<th>visionOS 26.5<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2025-43524:<\/b> An app may be able to break out of its sandbox.<br \/>\n\t\t\tAffects Icons<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28819:<\/b> An app may be able to execute arbitrary code with kernel privileges.<br \/>\n\t\t\tAffects Wi-Fi<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28840:<\/b> An app may be able to gain root privileges.<br \/>\n\t\t\tAffects PackageKit<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28846:<\/b> A remote attacker may be able to cause unexpected app termination.<br \/>\n\t\t\tAffects SceneKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28848:<\/b> A remote attacker may be able to cause unexpected system termination.<br \/>\n\t\t\tAffects SMB<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28870:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects GeoServices<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28872:<\/b> A remote attacker may be able to cause a denial-of-service.<br \/>\n\t\t\tAffects Calendar<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28873:<\/b> An app may be able to circumvent App Privacy Report logging.<br \/>\n\t\t\tAffects Privacy<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28877:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects Accounts<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28878:<\/b> An app may be able to enumerate a user&#8217;s installed apps.<br \/>\n\t\t\tAffects Crash Reporter<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28882:<\/b> An app may be able to enumerate a user&#8217;s installed apps.<br \/>\n\t\t\tAffects libxpc<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28883:<\/b> Processing maliciously crafted web content may lead to an unexpected process crash.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28894:<\/b> A remote attacker may be able to cause a denial-of-service.<br \/>\n\t\t\tAffects Calling Framework<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28897:<\/b> A local user may be able to cause unexpected system termination or read kernel memory.<br \/>\n\t\t\tAffects Kernel<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28901:<\/b> Processing maliciously crafted web content may lead to an unexpected process crash.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28906:<\/b> An attacker may be able to track users through their IP address.<br \/>\n\t\t\tAffects Networking<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28907:<\/b> Processing maliciously crafted web content may prevent Content Security Policy from being enforced.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28908:<\/b> An app may be able to modify protected parts of the file system.<br \/>\n\t\t\tAffects Kernel<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28913:<\/b> Processing maliciously crafted web content may lead to an unexpected process crash.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28914:<\/b> A maliciously crafted ZIP archive may bypass Gatekeeper checks.<br \/>\n\t\t\tAffects zip<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28915:<\/b> An app may be able to gain root privileges.<br \/>\n\t\t\tAffects CUPS<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28917:<\/b> Processing maliciously crafted web content may lead to an unexpected process crash.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28918:<\/b> Parsing a maliciously crafted file may lead to an unexpected app termination.<br \/>\n\t\t\tAffects CoreSymbolication<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28919:<\/b> An app may be able to gain root privileges.<br \/>\n\t\t\tAffects StorageKit<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28920:<\/b> Visiting a maliciously crafted website may leak sensitive data.<br \/>\n\t\t\tAffects zlib<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28922:<\/b> An app may be able to access private information.<br \/>\n\t\t\tAffects CoreMedia<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28923:<\/b> A malicious app may be able to break out of its sandbox.<br \/>\n\t\t\tAffects GPU Drivers<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28924:<\/b> An app may be able to access Contacts without user consent.<br \/>\n\t\t\tAffects Sync Services<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28925:<\/b> An app may be able to cause unexpected system termination or write kernel memory.<br \/>\n\t\t\tAffects HFS<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28929:<\/b> Replying to an email could display remote images in Mail in Lockdown Mode.<br \/>\n\t\t\tAffects Mail Drafts<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28930:<\/b> An app may be able to access protected user data.<br \/>\n\t\t\tAffects Spotlight<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28936:<\/b> Processing a maliciously crafted file may lead to unexpected app termination.<br \/>\n\t\t\tAffects CoreServices<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28940:<\/b> Processing a maliciously crafted image may corrupt process memory.<br \/>\n\t\t\tAffects Model I\/O<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28941:<\/b> Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents.<br \/>\n\t\t\tAffects Model I\/O<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28942:<\/b> Processing maliciously crafted web content may lead to an unexpected Safari crash.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28943:<\/b> An app may be able to determine kernel memory layout.<br \/>\n\t\t\tAffects IOHIDFamily<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28944:<\/b> Processing maliciously crafted web content may lead to an unexpected process crash.<br \/>\n\t\t\tAffects WebRTC<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28947:<\/b> Processing maliciously crafted web content may lead to an unexpected Safari crash.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28951:<\/b> An app may be able to gain root privileges.<br \/>\n\t\t\tAffects Kernel<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28952:<\/b> An app may be able to cause unexpected system termination.<br \/>\n\t\t\tAffects Kernel<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28953:<\/b> Processing maliciously crafted web content may lead to an unexpected process crash.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28954:<\/b> A maliciously crafted disk image may bypass Gatekeeper checks.<br \/>\n\t\t\tAffects Kernel<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28956:<\/b> Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.<br \/>\n\t\t\tAffects AppleJPEG<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28957:<\/b> An app may be able to capture a user&#8217;s screen.<br \/>\n\t\t\tAffects Status Bar<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28958:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28959:<\/b> An app may be able to cause unexpected system termination.<br \/>\n\t\t\tAffects APFS<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28961:<\/b> An attacker with physical access to a locked device may be able to view sensitive user information.<br \/>\n\t\t\tAffects Network Extensions<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28962:<\/b> Processing maliciously crafted web content may disclose sensitive user information.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28963:<\/b> An attacker with physical access may be able to use Visual Intelligence to access sensitive user data during iPhone Mirroring.<br \/>\n\t\t\tAffects Screenshots<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28964:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects CoreAnimation<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28965:<\/b> A user may be able to view restricted content from the lock screen.<br \/>\n\t\t\tAffects WidgetKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28969:<\/b> An app may be able to cause unexpected system termination.<br \/>\n\t\t\tAffects IOKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28971:<\/b> A malicious iframe may use another website?s download settings.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28972:<\/b> An app may be able to cause unexpected system termination or write kernel memory.<br \/>\n\t\t\tAffects Kernel<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28974:<\/b> An app may be able to cause a denial-of-service.<br \/>\n\t\t\tAffects Spotlight<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28976:<\/b> An app may be able to gain root privileges.<br \/>\n\t\t\tAffects UserAccountUpdater<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28977:<\/b> Processing a maliciously crafted file may lead to unexpected app termination.<br \/>\n\t\t\tAffects ImageIO<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28978:<\/b> A malicious app may be able to break out of its sandbox.<br \/>\n\t\t\tAffects Installer<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28983:<\/b> A remote attacker may be able to cause a denial of service.<br \/>\n\t\t\tAffects LaunchServices<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28985:<\/b> An attacker on the local network may be able to cause a denial-of-service.<br \/>\n\t\t\tAffects mDNSResponder<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28986:<\/b> An app may be able to cause unexpected system termination.<br \/>\n\t\t\tAffects Kernel<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28987:<\/b> An app may be able to leak sensitive kernel state.<br \/>\n\t\t\tAffects Kernel<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28988:<\/b> An app may be able to bypass certain Privacy preferences.<br \/>\n\t\t\tAffects Accounts<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28990:<\/b> Processing a maliciously crafted image may corrupt process memory.<br \/>\n\t\t\tAffects ImageIO<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28991:<\/b> An app may be able to cause a denial-of-service.<br \/>\n\t\t\tAffects Accelerate<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28992:<\/b> An attacker may be able to cause unexpected app termination.<br \/>\n\t\t\tAffects IOHIDFamily<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28993:<\/b> An app may be able to access user-sensitive data.<br \/>\n\t\t\tAffects Shortcuts<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28994:<\/b> An attacker in a privileged network position may be able to perform denial-of-service attack using crafted Wi-Fi packets.<br \/>\n\t\t\tAffects Wi-Fi<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28995:<\/b> A malicious app may be able to break out of its sandbox.<br \/>\n\t\t\tAffects App Intents<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-28996:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects Storage<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-39869:<\/b> Processing an audio stream in a maliciously crafted media file may terminate the process.<br \/>\n\t\t\tAffects Audio<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-39870:<\/b> Processing a maliciously crafted image may corrupt process memory.<br \/>\n\t\t\tAffects SceneKit<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-39871:<\/b> An app may be able to observe unprotected user data.<br \/>\n\t\t\tAffects TV App<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-43652:<\/b> An app may be able to access protected user data.<br \/>\n\t\t\tAffects Sandbox<\/td>\n<\/tr>\n<tr>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-43653:<\/b> An attacker on the local network may be able to cause a denial-of-service.<br \/>\n\t\t\tAffects mDNSResponder<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-43654:<\/b> An app may be able to disclose kernel memory.<br \/>\n\t\t\tAffects Kernel<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-43655:<\/b> An app may be able to cause unexpected system termination or read kernel memory.<br \/>\n\t\t\tAffects IOSurfaceAccelerator<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-43656:<\/b> Parsing a maliciously crafted file may lead to an unexpected app termination.<br \/>\n\t\t\tAffects Quick Look<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-43658:<\/b> Processing maliciously crafted web content may lead to an unexpected Safari crash.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-43659:<\/b> An app may be able to access sensitive user data.<br \/>\n\t\t\tAffects FileProvider<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-43660:<\/b> Processing maliciously crafted web content may prevent Content Security Policy from being enforced.<br \/>\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-43661:<\/b> Processing a maliciously crafted image may corrupt process memory.<br \/>\n\t\t\tAffects ImageIO<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<td>\u00a0<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>\u00a0<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-43666:<\/b> An attacker on the local network may be able to cause a denial-of-service.<br \/>\n\t\t\tAffects mDNSResponder<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<tr>\n<td align=\"center\" colspan=\"8\">\n<b>CVE-2026-43668:<\/b> A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.<br \/>\n\t\t\tAffects mDNSResponder<\/td>\n<\/tr>\n<tr>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<td>x<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>&#8212;<br \/>\nJohannes B. Ullrich, Ph.D. , Dean of Research, <a href=\"https:\/\/sans.edu\/\">SANS.edu<\/a><br \/>\n<a href=\"https:\/\/jbu.me\/164\">Twitter<\/a>|<\/p>\n<p> (c) SANS Internet Storm Center. https:\/\/isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.<\/p><\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><\/p>\n<p> \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/isc.sans.edu\/diary\/rss\/32976\">Go to isc.sans.edu<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Apple Patches Everything, (Mon, May 11th) Apple today released its typical feature update across it&#8217;s operating systems (iOS, iPadOS, macOS, tvOS, watchOS, vision OS). With this update, Apple patched 84 different vulnerabilities. Updates are available for the &#8220;26&#8221; series of operating systems, as well as for the previous &#8220;18&#8221; version of iOS\/iPadOS, and two versions [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[56],"tags":[69],"class_list":["post-12777","post","type-post","status-publish","format-standard","hentry","category-isc-sans-edu","tag-isc-sans-edu"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/12777"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=12777"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/12777\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=12777"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=12777"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=12777"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}