Apple macOS Sonoma


Recent Apple Macos Sonoma Security Advisories

Advisory Title Published
126796 macOS Sonoma 14.8.5 - Apple Security Content March 24, 2026
126350 macOS Sonoma 14.8.4 - Apple Security Content February 11, 2026
125888 macOS Sonoma 14.8.3 - Apple Security Content December 12, 2025
125636 macOS Sonoma 14.8.2 - Apple Security Content November 3, 2025
125330 macOS Sonoma 14.8.1 - Apple Security Content September 29, 2025
125112 macOS Sonoma 14.8 - Apple Security Content September 15, 2025
124928 macOS Sonoma 14.7.8 - Apple Security Content August 20, 2025
124150 macOS Sonoma 14.7.7 - Apple Security Content July 29, 2025
122717 macOS Sonoma 14.7.6 - Apple Security Content May 12, 2025
122374 macOS Sonoma 14.7.5 - Apple Security Content March 31, 2025

By the Year

In 2026 there have been 82 vulnerabilities in Apple Macos Sonoma with an average score of 6.2 out of ten. Last year, in 2025, Macos Sonoma had 115 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that the number of security vulnerabilities in Macos Sonoma in 2026 could surpass last year's number. However, the average CVE base score of the vulnerabilities in 2026 is greater by 0.16.




Year Vulnerabilities Average Score
2026 82 6.20
2025 115 6.04
2024 5 6.88
2023 1 10.00

It may take a day or so for new Macos Sonoma vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Apple Macos Sonoma Security Vulnerabilities

Apple Keychain Local Access via Permission Bypass (iOS 18.7.7, macOS 15.7.5)
CVE-2026-28864 3.3 - Low - March 25, 2026

This issue was addressed with improved permissions checking. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. A local attacker may gain access to user's Keychain items.

AuthZ

macOS Out-of-Bounds Write Allowing File System Modification (Fixed in Sequoia 15.7.5)
CVE-2026-28825 5.5 - Medium - March 25, 2026

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to modify protected parts of the file system.

Memory Corruption

Apple OS Log Data Leakage Fix 18.7.7/26.3
CVE-2026-20668 5.5 - Medium - March 25, 2026

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3, visionOS 26.3. An app may be able to access sensitive user data.

Insertion of Sensitive Information into Log File

macOS sandbox flaw allows network share access (fixed in 15.7.5/14.8.5/26.4)
CVE-2026-20701 7.5 - High - March 25, 2026

An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to connect to a network share without user consent.

Protection Mechanism Failure

Apple iOS Kernel Memory Disclosure via Logging Redaction Flaw (before 18.7.7)
CVE-2026-28868 5.5 - Medium - March 25, 2026

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. An app may be able to disclose kernel memory.

Insertion of Sensitive Information into Log File

macOS Symlink Exploit Lets App Read Sensitive Data: Fixed 15.7.5/14.8.5/26.4
CVE-2026-20633 5.5 - Medium - March 25, 2026

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access user-sensitive data.

insecure temporary file

macOS perms flaw fixed in 15.7.5/14.8.5/26.4
CVE-2026-28829 5.5 - Medium - March 25, 2026

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to modify protected parts of the file system.

Incorrect Permission Assignment for Critical Resource

macOS Sandbox Race Condition Exploit (fixed 15.7.5/14.8.5/26.4)
CVE-2026-28891 8.1 - High - March 25, 2026

A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to break out of its sandbox.

Race Condition

Apple macOS Permission Bypass (fixed 15.7.5/14.8.5/26.4)
CVE-2026-28828 5.3 - Medium - March 25, 2026

A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data.

Authorization

Apple OS Null Pointer Deref Causing DoS Fixed in v18.7.7 & 26.4
CVE-2026-28886 5.9 - Medium - March 25, 2026

A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A user in a privileged network position may be able to cause a denial-of-service.

NULL Pointer Dereference

macOS State Mgmt Auth Issue CVE-2026-28824 (Fixed: 15.7.5,14.8.5,26.4)
CVE-2026-28824 5.3 - Medium - March 25, 2026

An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data.

Authorization

Apple macOS OOB Read - Fixed in Sequoia 15.7.5 / Sonoma 14.8.5 / Tahoe 26.4
CVE-2026-28832 8.4 - High - March 25, 2026

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to disclose kernel memory.

Out-of-bounds Read

Apple OS Audio Stream OOB Bounds Check (fixed 18.7.7/15.7.5)
CVE-2026-20690 6.5 - Medium - March 25, 2026

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. Processing an audio stream in a maliciously crafted media file may terminate the process.

Out-of-bounds Read

Apple OS Auth State Management Flaw (iOS 18.7.7, macOS 15.7.5-26.4)
CVE-2026-28865 7.5 - High - March 25, 2026

An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An attacker in a privileged network position may be able to intercept network traffic.

AuthZ

Apple macOS Data Access Vulnerability, Fixed in 15.7.5/14.8.5/26.4
CVE-2026-28839 5.3 - Medium - March 25, 2026

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data.

AuthZ

Apple iOS 18.7.7 - Sensitive Data Leak via App Enumeration Fix
CVE-2026-28878 6.5 - Medium - March 25, 2026

A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to enumerate a user's installed apps.

Information Disclosure

macOS Privacy: Log Redaction Leak (Fixed 15.7.5/14.8.5/26.4)
CVE-2026-28862 5.3 - Medium - March 25, 2026

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access user-sensitive data.

Authorization

Apple macOS Permissions Leak Fix 15.7.5, 14.8.5, 26.4
CVE-2026-20697 5.3 - Medium - March 25, 2026

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data.

Authorization

macOS SMB Mount Use-after-Free, fixed in 15.7.5/14.8.5
CVE-2026-28835 6.5 - Medium - March 25, 2026

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. Mounting a maliciously crafted SMB network share may lead to system termination.

Dangling pointer

Integer overflow in macOS input validation (15.7.5/14.8.5/26.3) heap corruption
CVE-2026-20639 7.5 - High - March 25, 2026

An integer overflow was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3. Processing a maliciously crafted string may lead to heap corruption.

Integer Overflow or Wraparound

macOS Logging Redaction Fix (before Sequoia 15.7.5)
CVE-2026-28818 5.3 - Medium - March 25, 2026

A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data.

Authorization

Apple OS Type Confusion Vulnerability (fixed iOS 26.4, macOS 15.7.5, etc.)
CVE-2026-28822 6.2 - Medium - March 25, 2026

A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An attacker may be able to cause unexpected app termination.

Object Type Confusion

macOS race cond. causes system termination (fixed in 15.7.5, 14.8.5, 26.4)
CVE-2026-28834 5.1 - Medium - March 25, 2026

A race condition was addressed with improved state handling. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to cause unexpected system termination.

Race Condition

Apple WebKit use-after-free before iOS 18.7.7 crash
CVE-2026-28879 6.5 - Medium - March 25, 2026

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. Processing maliciously crafted web content may lead to an unexpected process crash.

Dangling pointer

macOS Sandbox Escape via Permission Issue (fixed in Sequoia 15.7.5)
CVE-2026-28838 5.3 - Medium - March 25, 2026

A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to break out of its sandbox.

Apple OS App Enumeration (CVE-2026-28880) Fixed in iOS 18.7.7 & macOS 15.7.5
CVE-2026-28880 6.5 - Medium - March 25, 2026

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4. An app may be able to enumerate a user's installed apps.

Authorization

macOS Sandbox Bypass via Race Condition (fixed prior to 15.7.5)
CVE-2026-28817 8.1 - High - March 25, 2026

A race condition was addressed with improved state handling. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. A sandboxed process may be able to circumvent sandbox restrictions.

Race Condition

Apple iOS use-after-free fixed in 18.7.7/26.3
CVE-2026-20637 6.2 - Medium - March 25, 2026

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An app may be able to cause unexpected system termination.

Dangling pointer

macOS Intel downgrade flaw fixed with codesigning (Sequoia 15.7.5/Sonoma 14.8.5)
CVE-2026-20699 6.2 - Medium - March 25, 2026

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3, macOS Tahoe 26.4. An app may be able to access user-sensitive data.

Improper Verification of Cryptographic Signature

iOS/macOS Path Validation Flaw Enabling Sensitive Data Access (CVE-2026-28876)
CVE-2026-28876 7.5 - High - March 25, 2026

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4. An app may be able to access sensitive user data.

Authorization

macOS entitlement validation flaw -> privilege escalation (pre-15.7.5/14.8.5/26.4)
CVE-2026-28821 8.4 - High - March 25, 2026

A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to gain elevated privileges.

Improper Input Validation

Apple macOS Kernel Memory Layout Disclosure Fixed in 15.7.5/14.8.5/26.4
CVE-2026-20695 6.2 - Medium - March 25, 2026

An information disclosure issue was addressed with improved memory management. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to determine kernel memory layout.

Apple iOS/iPadOS/macOS Symlink RCE Allows Sensitive Data Access (Fixed 26.3+)
CVE-2026-20694 5.5 - Medium - March 25, 2026

This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.4, macOS Sonoma 14.8.5, macOS Tahoe 26.3, macOS Tahoe 26.4. An app may be able to access user-sensitive data.

Symlink following

Apple OS File Parser Crash, fixed 18.7.7
CVE-2026-20657 6.5 - Medium - March 25, 2026

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5. Parsing a maliciously crafted file may lead to an unexpected app termination.

Buffer Overflow

Denial-of-Service vulnerability in Apple OSes via input validation, fixed 26.4
CVE-2026-28894 7.5 - High - March 25, 2026

A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. A remote attacker may be able to cause a denial-of-service.

Improper Input Validation

macOS Unauthorized File Delete via Path Flaw (pre-15.7.5/14.8.5/26.4)
CVE-2026-28816 4 - Medium - March 25, 2026

A path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to delete files for which it does not have permission.

Directory traversal

macOS Permissions Issue Fixed in Sequoia 15.7.5, Sonoma 14.8.5, Tahoe 26.4
CVE-2026-20607 4 - Medium - March 25, 2026

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access protected user data.

Improper Privilege Management

macOS Sandbox Path Validation Flaw (before 15.7.5/14.8.5/26.4)
CVE-2026-28827 9.3 - Critical - March 25, 2026

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to break out of its sandbox.

Directory traversal

Apple macOS Auth flaw (state Mgmnt) fixed in 15.7.5, 14.8.5, 26.4
CVE-2026-28831 5.5 - Medium - March 25, 2026

An authorization issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data.

macOS root privilege deletion of protected files via state mgmt flaw
CVE-2026-20693 4.9 - Medium - March 25, 2026

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An attacker with root privileges may be able to delete protected system files.

Incorrect Permission Assignment for Critical Resource

Symlink Validation Bug in Apple iOS/iPadOS & MacOS (before 18.7.7/14.8.5)
CVE-2026-28866 6.2 - Medium - March 25, 2026

This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access sensitive user data.

insecure temporary file

Apple iOS/iPadOS/macOS VisionOS Path Validation Flaw Fixed 26.4/15.7.5/14.8.5
CVE-2026-20688 9.3 - Critical - March 25, 2026

A path handling issue was addressed with improved validation. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4. An app may be able to break out of its sandbox.

Directory traversal

macOS FS Modification Vulnerability Fixed in 15.7.5/14.8.5/26.4
CVE-2026-28892 5.5 - Medium - March 25, 2026

A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to modify protected parts of the file system.

Apple macOS Race Condition Root Escalation Before v15.7.5
CVE-2026-28888 5.1 - Medium - March 25, 2026

A race condition was addressed with improved state handling. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to gain root privileges.

Race Condition

Apple Mail privacy flaw: Hide IP Address ineffective pre-iOS 26.4/macOS 14.8.5
CVE-2026-20692 5.3 - Medium - March 25, 2026

A privacy issue was addressed with improved handling of user preferences. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. "Hide IP Address" and "Block All Remote Content" may not apply to all mail content.

macOS Crash via Improper Memory Handling Fixed in Sequoia 15.7.4
CVE-2026-20605 4.6 - Medium - February 11, 2026

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to crash a system process.

Buffer Overflow

Apple macOS Sequoia 15.7.4: Directory Path Parsing Issue
CVE-2026-20625 5.5 - Medium - February 11, 2026

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. An app may be able to access sensitive user data.

Directory traversal

Apple OS DoS via Malicious File Handling (fixed in 26.3, 14.8.4, 15.7.4, 18.7.5)
CVE-2026-20609 4.4 - Medium - February 11, 2026

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents.

Out-of-bounds Read

macOS injection flaw fixed in Sequoia 15.7.4, Tahoe 26.3, Sonoma 14.8.4
CVE-2026-20624 5.5 - Medium - February 11, 2026

An injection issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to access sensitive user data.

AuthZ

Apple macOS/iOS Logic Issue Fixed 15.7.4/18.7.5/26.3/14.8.4
CVE-2026-20673 5.3 - Medium - February 11, 2026

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. Turning off "Load remote content in messages" may not apply to all mail previews.
