Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Apple Devices: Unauthorized Access to Kernel State
CVE-2026-28867
Summary
Some Apple devices can be vulnerable to a security risk if an attacker exploits a weakness in the way authentication works. This could potentially allow an app to gain access to sensitive information. Apple has released software updates to fix this issue, so it's essential to ensure all devices are running the latest version.
Original title
This issue was addressed with improved authentication. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26....
Original description
This issue was addressed with improved authentication. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to leak sensitive kernel state.
Published: 25 Mar 2026 · Updated: 25 Mar 2026 · First seen: 25 Mar 2026