Skip to content

Commit 81d1ab8

Browse files
advisory-database[bot]advisory-database[bot]
committed
Advisory Database Sync
1 parent 58d69b6 commit 81d1ab8

93 files changed

Lines changed: 3672 additions & 1 deletion

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

advisories/unreviewed/2026/03/GHSA-2jc7-5j3r-jr6p/GHSA-2jc7-5j3r-jr6p.json

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,29 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-2jc7-5j3r-jr6p",
4+
"modified": "2026-03-25T03:31:32Z",
5+
"published": "2026-03-25T03:31:32Z",
6+
"aliases": [
7+
"CVE-2026-28837"
8+
],
9+
"details": "A logic issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.4. An app may be able to access sensitive user data.",
10+
"severity": [],
11+
"affected": [],
12+
"references": [
13+
{
14+
"type": "ADVISORY",
15+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28837"
16+
},
17+
{
18+
"type": "WEB",
19+
"url": "https://support.apple.com/en-us/126794"
20+
}
21+
],
22+
"database_specific": {
23+
"cwe_ids": [],
24+
"severity": null,
25+
"github_reviewed": false,
26+
"github_reviewed_at": null,
27+
"nvd_published_at": "2026-03-25T01:17:08Z"
28+
}
29+
}

advisories/unreviewed/2026/03/GHSA-35cw-m3gx-q34f/GHSA-35cw-m3gx-q34f.json

Lines changed: 49 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,49 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-35cw-m3gx-q34f",
4+
"modified": "2026-03-25T03:31:29Z",
5+
"published": "2026-03-25T03:31:29Z",
6+
"aliases": [
7+
"CVE-2026-20668"
8+
],
9+
"details": "A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3, visionOS 26.3. An app may be able to access sensitive user data.",
10+
"severity": [],
11+
"affected": [],
12+
"references": [
13+
{
14+
"type": "ADVISORY",
15+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20668"
16+
},
17+
{
18+
"type": "WEB",
19+
"url": "https://support.apple.com/en-us/126346"
20+
},
21+
{
22+
"type": "WEB",
23+
"url": "https://support.apple.com/en-us/126348"
24+
},
25+
{
26+
"type": "WEB",
27+
"url": "https://support.apple.com/en-us/126353"
28+
},
29+
{
30+
"type": "WEB",
31+
"url": "https://support.apple.com/en-us/126793"
32+
},
33+
{
34+
"type": "WEB",
35+
"url": "https://support.apple.com/en-us/126795"
36+
},
37+
{
38+
"type": "WEB",
39+
"url": "https://support.apple.com/en-us/126796"
40+
}
41+
],
42+
"database_specific": {
43+
"cwe_ids": [],
44+
"severity": null,
45+
"github_reviewed": false,
46+
"github_reviewed_at": null,
47+
"nvd_published_at": "2026-03-25T01:17:05Z"
48+
}
49+
}

advisories/unreviewed/2026/03/GHSA-3gqw-qcrw-37vv/GHSA-3gqw-qcrw-37vv.json

Lines changed: 57 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,57 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-3gqw-qcrw-37vv",
4+
"modified": "2026-03-25T03:31:32Z",
5+
"published": "2026-03-25T03:31:32Z",
6+
"aliases": [
7+
"CVE-2026-28886"
8+
],
9+
"details": "A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A user in a privileged network position may be able to cause a denial-of-service.",
10+
"severity": [],
11+
"affected": [],
12+
"references": [
13+
{
14+
"type": "ADVISORY",
15+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28886"
16+
},
17+
{
18+
"type": "WEB",
19+
"url": "https://support.apple.com/en-us/126792"
20+
},
21+
{
22+
"type": "WEB",
23+
"url": "https://support.apple.com/en-us/126793"
24+
},
25+
{
26+
"type": "WEB",
27+
"url": "https://support.apple.com/en-us/126794"
28+
},
29+
{
30+
"type": "WEB",
31+
"url": "https://support.apple.com/en-us/126795"
32+
},
33+
{
34+
"type": "WEB",
35+
"url": "https://support.apple.com/en-us/126796"
36+
},
37+
{
38+
"type": "WEB",
39+
"url": "https://support.apple.com/en-us/126797"
40+
},
41+
{
42+
"type": "WEB",
43+
"url": "https://support.apple.com/en-us/126798"
44+
},
45+
{
46+
"type": "WEB",
47+
"url": "https://support.apple.com/en-us/126799"
48+
}
49+
],
50+
"database_specific": {
51+
"cwe_ids": [],
52+
"severity": null,
53+
"github_reviewed": false,
54+
"github_reviewed_at": null,
55+
"nvd_published_at": "2026-03-25T01:17:12Z"
56+
}
57+
}

advisories/unreviewed/2026/03/GHSA-3j78-4863-937g/GHSA-3j78-4863-937g.json

Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,37 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-3j78-4863-937g",
4+
"modified": "2026-03-25T03:31:29Z",
5+
"published": "2026-03-25T03:31:29Z",
6+
"aliases": [
7+
"CVE-2026-20651"
8+
],
9+
"details": "A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to access sensitive user data.",
10+
"severity": [],
11+
"affected": [],
12+
"references": [
13+
{
14+
"type": "ADVISORY",
15+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20651"
16+
},
17+
{
18+
"type": "WEB",
19+
"url": "https://support.apple.com/en-us/126348"
20+
},
21+
{
22+
"type": "WEB",
23+
"url": "https://support.apple.com/en-us/126350"
24+
},
25+
{
26+
"type": "WEB",
27+
"url": "https://support.apple.com/en-us/126795"
28+
}
29+
],
30+
"database_specific": {
31+
"cwe_ids": [],
32+
"severity": null,
33+
"github_reviewed": false,
34+
"github_reviewed_at": null,
35+
"nvd_published_at": "2026-03-25T01:17:04Z"
36+
}
37+
}

advisories/unreviewed/2026/03/GHSA-3mjv-8f83-6r45/GHSA-3mjv-8f83-6r45.json

Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,37 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-3mjv-8f83-6r45",
4+
"modified": "2026-03-25T03:31:30Z",
5+
"published": "2026-03-25T03:31:30Z",
6+
"aliases": [
7+
"CVE-2026-20697"
8+
],
9+
"details": "A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data.",
10+
"severity": [],
11+
"affected": [],
12+
"references": [
13+
{
14+
"type": "ADVISORY",
15+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20697"
16+
},
17+
{
18+
"type": "WEB",
19+
"url": "https://support.apple.com/en-us/126794"
20+
},
21+
{
22+
"type": "WEB",
23+
"url": "https://support.apple.com/en-us/126795"
24+
},
25+
{
26+
"type": "WEB",
27+
"url": "https://support.apple.com/en-us/126796"
28+
}
29+
],
30+
"database_specific": {
31+
"cwe_ids": [],
32+
"severity": null,
33+
"github_reviewed": false,
34+
"github_reviewed_at": null,
35+
"nvd_published_at": "2026-03-25T01:17:06Z"
36+
}
37+
}

advisories/unreviewed/2026/03/GHSA-3rj4-3j6v-m6r5/GHSA-3rj4-3j6v-m6r5.json

Lines changed: 33 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,33 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-3rj4-3j6v-m6r5",
4+
"modified": "2026-03-25T03:31:28Z",
5+
"published": "2026-03-25T03:31:28Z",
6+
"aliases": [
7+
"CVE-2025-43534"
8+
],
9+
"details": "A path handling issue was addressed with improved validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.2 and iPadOS 26.2. A user with physical access to an iOS device may be able to bypass Activation Lock.",
10+
"severity": [],
11+
"affected": [],
12+
"references": [
13+
{
14+
"type": "ADVISORY",
15+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-43534"
16+
},
17+
{
18+
"type": "WEB",
19+
"url": "https://support.apple.com/en-us/125884"
20+
},
21+
{
22+
"type": "WEB",
23+
"url": "https://support.apple.com/en-us/126793"
24+
}
25+
],
26+
"database_specific": {
27+
"cwe_ids": [],
28+
"severity": null,
29+
"github_reviewed": false,
30+
"github_reviewed_at": null,
31+
"nvd_published_at": "2026-03-25T01:17:01Z"
32+
}
33+
}

advisories/unreviewed/2026/03/GHSA-4546-p244-689v/GHSA-4546-p244-689v.json

Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,37 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-4546-p244-689v",
4+
"modified": "2026-03-25T03:31:31Z",
5+
"published": "2026-03-25T03:31:31Z",
6+
"aliases": [
7+
"CVE-2026-28827"
8+
],
9+
"details": "A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to break out of its sandbox.",
10+
"severity": [],
11+
"affected": [],
12+
"references": [
13+
{
14+
"type": "ADVISORY",
15+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28827"
16+
},
17+
{
18+
"type": "WEB",
19+
"url": "https://support.apple.com/en-us/126794"
20+
},
21+
{
22+
"type": "WEB",
23+
"url": "https://support.apple.com/en-us/126795"
24+
},
25+
{
26+
"type": "WEB",
27+
"url": "https://support.apple.com/en-us/126796"
28+
}
29+
],
30+
"database_specific": {
31+
"cwe_ids": [],
32+
"severity": null,
33+
"github_reviewed": false,
34+
"github_reviewed_at": null,
35+
"nvd_published_at": "2026-03-25T01:17:07Z"
36+
}
37+
}

advisories/unreviewed/2026/03/GHSA-4c59-fwcr-3f7g/GHSA-4c59-fwcr-3f7g.json

Lines changed: 45 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,45 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-4c59-fwcr-3f7g",
4+
"modified": "2026-03-25T03:31:32Z",
5+
"published": "2026-03-25T03:31:32Z",
6+
"aliases": [
7+
"CVE-2026-28870"
8+
],
9+
"details": "An information leakage was addressed with additional validation. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to access sensitive user data.",
10+
"severity": [],
11+
"affected": [],
12+
"references": [
13+
{
14+
"type": "ADVISORY",
15+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28870"
16+
},
17+
{
18+
"type": "WEB",
19+
"url": "https://support.apple.com/en-us/126792"
20+
},
21+
{
22+
"type": "WEB",
23+
"url": "https://support.apple.com/en-us/126794"
24+
},
25+
{
26+
"type": "WEB",
27+
"url": "https://support.apple.com/en-us/126797"
28+
},
29+
{
30+
"type": "WEB",
31+
"url": "https://support.apple.com/en-us/126798"
32+
},
33+
{
34+
"type": "WEB",
35+
"url": "https://support.apple.com/en-us/126799"
36+
}
37+
],
38+
"database_specific": {
39+
"cwe_ids": [],
40+
"severity": null,
41+
"github_reviewed": false,
42+
"github_reviewed_at": null,
43+
"nvd_published_at": "2026-03-25T01:17:11Z"
44+
}
45+
}

advisories/unreviewed/2026/03/GHSA-4cw8-47wj-7w4j/GHSA-4cw8-47wj-7w4j.json

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,29 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-4cw8-47wj-7w4j",
4+
"modified": "2026-03-25T03:31:32Z",
5+
"published": "2026-03-25T03:31:32Z",
6+
"aliases": [
7+
"CVE-2026-28844"
8+
],
9+
"details": "A file access issue was addressed with improved input validation. This issue is fixed in macOS Tahoe 26.4. An attacker may gain access to protected parts of the file system.",
10+
"severity": [],
11+
"affected": [],
12+
"references": [
13+
{
14+
"type": "ADVISORY",
15+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28844"
16+
},
17+
{
18+
"type": "WEB",
19+
"url": "https://support.apple.com/en-us/126794"
20+
}
21+
],
22+
"database_specific": {
23+
"cwe_ids": [],
24+
"severity": null,
25+
"github_reviewed": false,
26+
"github_reviewed_at": null,
27+
"nvd_published_at": "2026-03-25T01:17:09Z"
28+
}
29+
}

0 commit comments

Comments
 (0)