Ro Achterberg

**Name of the Vulnerable Software and Affected Versions** macOS Tahoe versions prior to 26.5 **Description** A logic issue involving file handling allows a maliciously crafted ZIP archive to bypass Gatekeeper checks. Gatekeeper is a security feature that ensures only trusted software runs on the system. **Recommendations** Update to macOS Tahoe 26.5.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 18.7.9 iOS versions prior to 26.5 iPadOS versions prior to 18.7.9 iPadOS versions prior to 26.5 macOS Sonoma versions prior to 14.8.7 macOS Tahoe versions prior to 26.5 visionOS versions prior to 26.5 **Description** Processing a maliciously crafted file may lead to unexpected app termination. **Recommendations** Update iOS to version 18.7.9 or 26.5. Update iPadOS to version 18.7.9 or 26.5. Update macOS Sonoma to version 14.8.7. Update macOS Tahoe to version 26.5. Update visionOS to version 26.5.

**Name of the Vulnerable Software and Affected Versions** macOS Sequoia versions prior to 15.7.7 macOS Sonoma versions prior to 14.8.7 macOS Tahoe versions prior to 26.5 **Description** A race condition exists due to improper handling of symbolic links, which are shortcuts that point to another file or directory. This flaw may allow an application to access Contacts without obtaining user consent. **Recommendations** Update macOS Sequoia to version 15.7.7. Update macOS Sonoma to version 14.8.7. Update macOS Tahoe to version 26.5.

**Name of the Vulnerable Software and Affected Versions** macOS Sequoia versions prior to 15.7.7 macOS Sonoma versions prior to 14.8.7 macOS Tahoe versions prior to 26.5 **Description** A parsing issue in the handling of directory paths could allow an app to gain root privileges. This was addressed by improving path validation. **Recommendations** Update macOS Sequoia to version 15.7.7. Update macOS Sonoma to version 14.8.7. Update macOS Tahoe to version 26.5.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Sonoma 14.8.3 macOS versions prior to Sequoia 15.7.3 **Description** A flaw allowed an application to potentially access sensitive location data. The vulnerable code has been removed in updated versions. **Recommendations** Update to macOS Sonoma version 14.8.3 or later. Update to macOS Sequoia version 15.7.3 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Sonoma 14.8.3 macOS versions prior to Sequoia 15.7.3 **Description** A logic issue existed that allowed an application to potentially elevate privileges. Improved checks were implemented to resolve this issue. **Recommendations** Update to macOS Sonoma version 14.8.3 or later. Update to macOS Sequoia version 15.7.3 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Tahoe 26.2 Safari versions prior to 26.2 **Description** A flaw exists due to improved URL validation. Specifically, on a Mac with Lockdown Mode enabled, web content opened via a file URL may be able to use Web APIs that should be restricted. **Recommendations** Update to macOS Tahoe 26.2. Update to Safari 26.2.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 13.7.7 iPadOS versions prior to 17.7.9 iOS versions prior to 18.6 macOS Sonoma versions prior to 14.7.7 watchOS versions prior to 11.6 macOS Sequoia versions prior to 15.6 tvOS versions prior to 18.6 visionOS versions prior to 2.6 **Description** A denial-of-service issue was addressed with improved input validation. A non-privileged user may be able to modify restricted network settings. **Recommendations** Update macOS to version 13.7.7 or later. Update iPadOS to version 17.7.9 or later. Update iOS to version 18.6 or later. Update macOS Sonoma to version 14.7.7 or later. Update watchOS to version 11.6 or later. Update macOS Sequoia to version 15.6 or later. Update tvOS to version 18.6 or later. Update visionOS to version 2.6 or later.

**Name of the Vulnerable Software and Affected Versions** iPadOS versions prior to 17.7.9 macOS Sequoia versions prior to 15.6 macOS Sonoma versions prior to 14.7.7 macOS Ventura versions prior to 13.7.7 **Description** A use-after-free issue existed due to vulnerable code. Removing the vulnerable code resolves the issue. This could allow an attacker to cause unexpected app termination. **Recommendations** Update iPadOS to version 17.7.9. Update macOS Sequoia to version 15.6. Update macOS Sonoma to version 14.7.7. Update macOS Ventura to version 13.7.7.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 15.6 **Description** A logic issue existed due to insufficient checks. Processing maliciously crafted web content may lead to an unexpected Safari crash. **Recommendations** Update to macOS version 15.6.

**Name of the Vulnerable Software and Affected Versions** watchOS versions prior to 11.5 tvOS versions prior to 18.5 iOS versions prior to 18.5 iPadOS versions prior to 18.5 macOS Sequoia versions prior to 15.5 visionOS versions prior to 2.5 Safari versions prior to 18.5 **Description** Processing maliciously crafted web content may lead to memory corruption. The issue was addressed with improved checks. **Recommendations** For watchOS versions prior to 11.5, update to watchOS 11.5. For tvOS versions prior to 18.5, update to tvOS 18.5. For iOS versions prior to 18.5, update to iOS 18.5. For iPadOS versions prior to 18.5, update to iPadOS 18.5. For macOS Sequoia versions prior to 15.5, update to macOS Sequoia 15.5. For visionOS versions prior to 2.5, update to visionOS 2.5. For Safari versions prior to 18.5, update to Safari 18.5.

**Name of the Vulnerable Software and Affected Versions** Safari versions prior to 17.6 tvOS versions prior to 17.6 visionOS versions prior to 1.3 watchOS versions prior to 10.6 iOS versions prior to 17.6 iPadOS versions prior to 17.6 macOS Sonoma versions prior to 14.6 **Description** An issue in the handling of URL protocols was addressed with improved logic, which may allow a user to bypass some web content restrictions. **Recommendations** For Safari version prior to 17.6, update to version 17.6 or later. For tvOS version prior to 17.6, update to version 17.6 or later. For visionOS version prior to 1.3, update to version 1.3 or later. For watchOS version prior to 10.6, update to version 10.6 or later. For iOS version prior to 17.6, update to version 17.6 or later. For iPadOS version prior to 17.6, update to version 17.6 or later. For macOS Sonoma version prior to 14.6, update to version 14.6 or later.