Apple Macos Sonoma vulnerabilities

CVE-2026-20677 [CRITICAL] CVE-2026-20677: macOS Sonoma 14.8.4 Apple Security Update: About the security content of macOS Sonoma 14.8.4 Product: macOS Sonoma Version: 14.8.4 CVE: CVE-2026-20677 Component: Messages Impact: A shortcut may be able to bypass sandbox restrictions Description: A race condition was addressed with improved handling of symbolic links.

CVE-2025-59375 [HIGH] CVE-2025-59375: macOS Sonoma 14.8.4 Apple Security Update: About the security content of macOS Sonoma 14.8.4 Product: macOS Sonoma Version: 14.8.4 CVE: CVE-2025-59375 Component: CVE-2025-59375 Impact: An attacker in a privileged network position may be able to intercept network traffic Description: A logic issue was addressed with improved checks.

CVE-2026-20641 [HIGH] CVE-2026-20641: macOS Sonoma 14.8.4 Apple Security Update: About the security content of macOS Sonoma 14.8.4 Product: macOS Sonoma Version: 14.8.4 CVE: CVE-2026-20641 Component: StoreKit Impact: An app may be able to identify what other apps a user has installed Description: A privacy issue was addressed with improved checks.

CVE-2026-20628 [HIGH] CVE-2026-20628: macOS Sonoma 14.8.4 Apple Security Update: About the security content of macOS Sonoma 14.8.4 Product: macOS Sonoma Version: 14.8.4 CVE: CVE-2026-20628 Component: Sandbox Impact: An app may be able to break out of its sandbox Description: A permissions issue was addressed with additional restrictions.

CVE-2026-20667 [HIGH] CVE-2026-20667: macOS Sonoma 14.8.4 Apple Security Update: About the security content of macOS Sonoma 14.8.4 Product: macOS Sonoma Version: 14.8.4 CVE: CVE-2026-20667 Component: CVE-2025-59375 Impact: An attacker in a privileged network position may be able to intercept network traffic Description: A logic issue was addressed with improved checks.

CVE-2026-20616 [HIGH] CVE-2026-20616: macOS Sonoma 14.8.4 Apple Security Update: About the security content of macOS Sonoma 14.8.4 Product: macOS Sonoma Version: 14.8.4 CVE: CVE-2026-20616 Component: Model I/O Impact: Processing a maliciously crafted USD file may lead to unexpected app termination Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2026-20617 [HIGH] CVE-2026-20617: macOS Sonoma 14.8.4 Apple Security Update: About the security content of macOS Sonoma 14.8.4 Product: macOS Sonoma Version: 14.8.4 CVE: CVE-2026-20617 Component: CoreServices Impact: An app may be able to gain root privileges Description: A race condition was addressed with improved state handling.

CVE-2026-20606 [HIGH] CVE-2026-20606: macOS Sonoma 14.8.4 Apple Security Update: About the security content of macOS Sonoma 14.8.4 Product: macOS Sonoma Version: 14.8.4 CVE: CVE-2026-20606 Component: UIKit Impact: An app may be able to bypass certain Privacy preferences Description: This issue was addressed by removing the vulnerable code.

CVE-2026-20615 [HIGH] CVE-2026-20615: macOS Sonoma 14.8.4 Apple Security Update: About the security content of macOS Sonoma 14.8.4 Product: macOS Sonoma Version: 14.8.4 CVE: CVE-2026-20615 Component: CoreServices Impact: An app may be able to gain root privileges Description: A path handling issue was addressed with improved validation.

CVE-2026-20611 [HIGH] CVE-2026-20611: macOS Sonoma 14.8.4 Apple Security Update: About the security content of macOS Sonoma 14.8.4 Product: macOS Sonoma Version: 14.8.4 CVE: CVE-2026-20611 Component: CoreAudio Impact: Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory Description: An out-of-bounds access issue was addressed with improved bounds checking.

CVE-2026-20614 [HIGH] CVE-2026-20614: macOS Sonoma 14.8.4 Apple Security Update: About the security content of macOS Sonoma 14.8.4 Product: macOS Sonoma Version: 14.8.4 CVE: CVE-2026-20614 Component: Remote Management Impact: An app may be able to gain root privileges Description: A path handling issue was addressed with improved validation.

CVE-2025-43402 [HIGH] CVE-2025-43402: macOS Sonoma 14.8.4 Apple Security Update: About the security content of macOS Sonoma 14.8.4 Product: macOS Sonoma Version: 14.8.4 CVE: CVE-2025-43402 Component: WindowServer Impact: An app may be able to cause unexpected system termination or corrupt process memory Description: The issue was addressed with improved memory handling.

CVE-2026-20620 [HIGH] CVE-2026-20620: macOS Sonoma 14.8.4 Apple Security Update: About the security content of macOS Sonoma 14.8.4 Product: macOS Sonoma Version: 14.8.4 CVE: CVE-2026-20620 Component: GPU Drivers Impact: An attacker may be able to cause unexpected system termination or read kernel memory Description: An out-of-bounds read issue was addressed with improved input validation.

CVE-2025-46290 [HIGH] CVE-2025-46290: macOS Sonoma 14.8.4 Apple Security Update: About the security content of macOS Sonoma 14.8.4 Product: macOS Sonoma Version: 14.8.4 CVE: CVE-2025-46290 Component: Security Impact: A remote attacker may be able to cause a denial-of-service Description: A logic issue was addressed with improved checks.

CVE-2026-20660 [HIGH] CVE-2026-20660: macOS Sonoma 14.8.4 Apple Security Update: About the security content of macOS Sonoma 14.8.4 Product: macOS Sonoma Version: 14.8.4 CVE: CVE-2026-20660 Component: CFNetwork Impact: A remote user may be able to write arbitrary files Description: A path handling issue was addressed with improved logic.

CVE-2025-46310 [MEDIUM] CVE-2025-46310: macOS Sonoma 14.8.4 Apple Security Update: About the security content of macOS Sonoma 14.8.4 Product: macOS Sonoma Version: 14.8.4 CVE: CVE-2025-46310 Component: PackageKit Impact: An attacker with root privileges may be able to delete protected system files Description: This issue was addressed through improved state management.

CVE-2026-20670 [MEDIUM] CVE-2026-20670: macOS Sonoma 14.8.4 Apple Security Update: About the security content of macOS Sonoma 14.8.4 Product: macOS Sonoma Version: 14.8.4 CVE: CVE-2026-20670 Component: AppleEvents Impact: An app may be able to access sensitive user data Description: An authorization issue was addressed with improved state management.

CVE-2026-20694 [MEDIUM] CVE-2026-20694: macOS Sonoma 14.8.4 Apple Security Update: About the security content of macOS Sonoma 14.8.4 Product: macOS Sonoma Version: 14.8.4 CVE: CVE-2026-20694 Component: MigrationKit Impact: An app may be able to access user-sensitive data Description: This issue was addressed with improved handling of symlinks.

CVE-2026-20609 [MEDIUM] CVE-2026-20609: macOS Sonoma 14.8.4 Apple Security Update: About the security content of macOS Sonoma 14.8.4 Product: macOS Sonoma Version: 14.8.4 CVE: CVE-2026-20609 Component: CoreMedia Impact: Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents Description: The issue was addressed with improved memory handling.

CVE-2026-20627 [MEDIUM] CVE-2026-20627: macOS Sonoma 14.8.4 Apple Security Update: About the security content of macOS Sonoma 14.8.4 Product: macOS Sonoma Version: 14.8.4 CVE: CVE-2026-20627 Component: CoreServices Impact: An app may be able to access sensitive user data Description: An issue existed in the handling of environment variables. This issue was addressed with improved validation.