PT-2026-29972 · Apple · Apple Macos
Published
2026-04-03
·
Updated
2026-04-03
·
CVE-2026-28815
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
A remote attacker can supply a short X-Wing HPKE encapsulated key and trigger an out-of-bounds read in the C decapsulation path, potentially causing a crash or memory disclosure depending on runtime protections. This issue is fixed in swift-crypto version 4.3.1.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Apple Macos