- 137/2026
- High
Apple has released security updates to address multiple vulnerabilities across macOS Tahoe, macOS Sequoia, macOS Sonoma, and Safari.
The addressed vulnerabilities could allow the attacker to conduct denial-ofservice attacks, gain elevated privileges, obtain sensitive information, bypass security restrictions, or execute arbitrary code and gain access to affected systems.
Sample of the addressed vulnerabilities:
1. Apple Safari Use-After-Free Vulnerability (CVE-2026-28947):
- CVSS: 8.8
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Consequences: Denial of Service
2. Apple macOS Disclose Sensitive User Information Vulnerability (CVE-2026- 28995):
- CVSS: 7.5
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Consequences: Obtain Information
Vulnerabilities
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.