Kirin

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 26.3 **Description** A privacy issue existed due to insufficient redaction of private data in log entries. This allowed an application to potentially access a user's contact information. **Recommendations** Update to macOS version 26.3.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Tahoe 26.3 **Description** An application may be capable of accessing sensitive user data due to insufficient data protection mechanisms. **Recommendations** Update to macOS Tahoe 26.3.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 26.2 iOS versions prior to 26.2 iPadOS versions prior to 26.2 watchOS versions prior to 26.2 **Description** A logging issue existed that allowed an application to potentially access a user’s Safari history. The issue was addressed with improved data redaction. **Recommendations** Update macOS to version 26.2. Update iOS to version 26.2. Update iPadOS to version 26.2. Update watchOS to version 26.2.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 26.2 **Description** An application may be able to access protected user data due to improper handling of caches. **Recommendations** Update to version 26.2 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 15.7.2 **Description** A permissions issue existed due to insufficient sandbox restrictions, potentially allowing an application to access sensitive user data. **Recommendations** Update to macOS version 15.7.2 to address the issue.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 18.7.2 iPadOS versions prior to 18.7.2 **Description** An issue existed where an application could potentially access sensitive user data. The problematic code has been removed to address this privacy concern. **Recommendations** Update to iOS version 18.7.2. Update to iPadOS version 18.7.2.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 14.8.2 macOS versions prior to 15.7.2 **Description** An issue existed where an application could potentially access sensitive user data due to insufficient redaction of private data in log entries. **Recommendations** Update to macOS version 14.8.2 or later. Update to macOS version 15.7.2 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Tahoe 26 **Description** A flaw allows an application to potentially access protected user data due to a downgrade issue. This issue was addressed with additional code-signing restrictions. **Recommendations** Update to macOS Tahoe 26.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Tahoe 26 **Description** A privacy issue was addressed with improved private data redaction for log entries. An application may be able to access user-sensitive data. **Recommendations** Update to macOS Tahoe 26 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Sonoma 14.8 macOS versions prior to Tahoe 26 **Description** A privacy issue was addressed by relocating sensitive data. An application may be able to access protected user data. **Recommendations** Update to macOS Sonoma 14.8. Update to macOS Tahoe 26.

**Name of the Vulnerable Software and Affected Versions** iPadOS versions prior to 17.7.9 macOS Sequoia versions prior to 15.6 macOS Sonoma versions prior to 14.7.7 macOS Ventura versions prior to 13.7.7 **Description** A logging issue existed due to insufficient data redaction. This allowed an application to potentially access sensitive user data. **Recommendations** Update iPadOS to version 17.7.9. Update macOS Sequoia to version 15.6. Update macOS Sonoma to version 14.7.7. Update macOS Ventura to version 13.7.7.

**Name of the Vulnerable Software and Affected Versions** iPadOS versions 17.7.7 and earlier macOS Ventura versions 13.7.6 and earlier macOS Sequoia versions 15.5 and earlier macOS Sonoma versions 14.7.6 and earlier **Description** A logging issue was addressed with improved data redaction, which could allow an app to access associated usernames and websites in a user's iCloud Keychain. **Recommendations** For iPadOS versions prior to 17.7.7, update to iPadOS 17.7.7 to resolve the issue. For macOS Ventura versions prior to 13.7.6, update to macOS Ventura 13.7.6 to resolve the issue. For macOS Sequoia versions prior to 15.5, update to macOS Sequoia 15.5 to resolve the issue. For macOS Sonoma versions prior to 14.7.6, update to macOS Sonoma 14.7.6 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 15.5 **Description** An information disclosure issue was addressed with improved privacy controls. This issue allows an app to potentially access sensitive user data. **Recommendations** For versions prior to 15.5, update to macOS Sequoia 15.5 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 13.7.3 macOS versions prior to 14.7.3 macOS versions prior to 15.3 iPadOS versions prior to 17.7.4 **Description** The issue is related to insufficient access control in macOS and iPadOS, allowing a remote attacker to bypass security restrictions and gain unauthorized access to information. An app may be able to determine a user's current location. **Recommendations** For macOS versions prior to 13.7.3, update to macOS Ventura 13.7.3 to resolve the issue. For macOS versions prior to 14.7.3, update to macOS Sonoma 14.7.3 to resolve the issue. For macOS versions prior to 15.3, update to macOS Sequoia 15.3 to resolve the issue. For iPadOS versions prior to 17.7.4, update to iPadOS 17.7.4 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 13.7.3 macOS versions prior to 14.7.3 macOS versions prior to 15.3 **Description** A logic issue was addressed with improved restrictions, which may allow an app to access information about a user's contacts. The issue is related to insufficient protection of service data in the AppleMobileFileIntegrity component of the MacOs operating system. **Recommendations** For macOS versions prior to 13.7.3, update to macOS Ventura 13.7.3 to resolve the issue. For macOS versions prior to 14.7.3, update to macOS Sonoma 14.7.3 to resolve the issue. For macOS versions prior to 15.3, update to macOS Sequoia 15.3 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 15.3 **Description** The issue is related to the insecure storage of confidential information in the Messages component of the MacOs operating system. Exploitation of this issue may allow an attacker to gain unauthorized access to protected information. An application may be able to access user-sensitive data. The estimated number of potentially affected devices worldwide is not specified. **Recommendations** For versions prior to 15.3, update to macOS Sequoia 15.3 to resolve the issue. As a temporary workaround, consider restricting access to sensitive information until the update is applied.

**Name of the Vulnerable Software and Affected Versions** macOS Sequoia versions prior to 15.3 iOS versions prior to 18.3 iPadOS versions prior to 18.3 **Description** A privacy issue was addressed with improved private data redaction for log entries. An app may be able to view a contact's phone number in system logs. This issue is related to the disclosure of information through system log files. **Recommendations** For macOS Sequoia versions prior to 15.3, update to macOS Sequoia 15.3 to resolve the issue. For iOS versions prior to 18.3, update to iOS 18.3 to resolve the issue. For iPadOS versions prior to 18.3, update to iPadOS 18.3 to resolve the issue. As a temporary workaround, consider restricting access to system logs to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 15.3 **Description** An information disclosure issue was addressed with improved privacy controls. This issue allows an app to access user-sensitive data due to inadequate protection of confidential information. **Recommendations** For versions prior to 15.3, update to macOS Sequoia 15.3 to resolve the issue.

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.2 Description: A malicious application may be able to determine a user's current location. The issue was resolved by sanitizing logging. Recommendations: For versions prior to 15.2, update to macOS Sequoia 15.2 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS Sequoia versions prior to 15.1 **Description** A privacy issue was addressed with improved private data redaction for log entries. An app may be able to access information about a user's contacts. **Recommendations** For versions prior to 15.1, update to macOS Sequoia 15.1 to resolve the issue. As a temporary workaround, consider restricting access to contact information until the update is applied.