Apple Macos Tahoe vulnerabilities

CVE-2026-20616 [HIGH] CVE-2026-20616: macOS Tahoe 26.3 Apple Security Update: About the security content of macOS Tahoe 26.3 Product: macOS Tahoe Version: 26.3 CVE: CVE-2026-20616 Component: Model I/O Impact: Processing a maliciously crafted USD file may lead to unexpected app termination Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2026-20626 [HIGH] CVE-2026-20626: macOS Tahoe 26.3 Apple Security Update: About the security content of macOS Tahoe 26.3 Product: macOS Tahoe Version: 26.3 CVE: CVE-2026-20626 Component: Kernel Impact: A malicious app may be able to gain root privileges Description: This issue was addressed with improved checks.

CVE-2026-20617 [HIGH] CVE-2026-20617: macOS Tahoe 26.3 Apple Security Update: About the security content of macOS Tahoe 26.3 Product: macOS Tahoe Version: 26.3 CVE: CVE-2026-20617 Component: CoreServices Impact: An app may be able to gain root privileges Description: A race condition was addressed with improved state handling.

CVE-2026-20668 [MEDIUM] CVE-2026-20668: macOS Tahoe 26.3 Apple Security Update: About the security content of macOS Tahoe 26.3 Product: macOS Tahoe Version: 26.3 CVE: CVE-2026-20668 Component: Focus Impact: An app may be able to access sensitive user data Description: A logging issue was addressed with improved data redaction.

CVE-2026-20680 [MEDIUM] CVE-2026-20680: macOS Tahoe 26.3 Apple Security Update: About the security content of macOS Tahoe 26.3 Product: macOS Tahoe Version: 26.3 CVE: CVE-2026-20680 Component: Spotlight Impact: A sandboxed app may be able to access sensitive user data Description: The issue was addressed with additional restrictions on the observability of app states.

CVE-2026-20694 [MEDIUM] CVE-2026-20694: macOS Tahoe 26.3 Apple Security Update: About the security content of macOS Tahoe 26.3 Product: macOS Tahoe Version: 26.3 CVE: CVE-2026-20694 Component: MigrationKit Impact: An app may be able to access user-sensitive data Description: This issue was addressed with improved handling of symlinks.

CVE-2026-20621 [MEDIUM] CVE-2026-20621: macOS Tahoe 26.3 Apple Security Update: About the security content of macOS Tahoe 26.3 Product: macOS Tahoe Version: 26.3 CVE: CVE-2026-20621 Component: Wi-Fi Impact: An app may be able to cause unexpected system termination or corrupt kernel memory Description: The issue was addressed with improved memory handling.

CVE-2026-20629 [MEDIUM] CVE-2026-20629: macOS Tahoe 26.3 Apple Security Update: About the security content of macOS Tahoe 26.3 Product: macOS Tahoe Version: 26.3 CVE: CVE-2026-20629 Component: Foundation Impact: An app may be able to access user-sensitive data Description: A privacy issue was addressed with improved handling of temporary files.

CVE-2026-20630 [MEDIUM] CVE-2026-20630: macOS Tahoe 26.3 Apple Security Update: About the security content of macOS Tahoe 26.3 Product: macOS Tahoe Version: 26.3 CVE: CVE-2026-20630 Component: LaunchServices Impact: An app may be able to access protected user data Description: A permissions issue was addressed with additional restrictions.

CVE-2026-20609 [MEDIUM] CVE-2026-20609: macOS Tahoe 26.3 Apple Security Update: About the security content of macOS Tahoe 26.3 Product: macOS Tahoe Version: 26.3 CVE: CVE-2026-20609 Component: CoreMedia Impact: Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents Description: The issue was addressed with improved memory handling.

CVE-2026-20669 [MEDIUM] CVE-2026-20669: macOS Tahoe 26.3 Apple Security Update: About the security content of macOS Tahoe 26.3 Product: macOS Tahoe Version: 26.3 CVE: CVE-2026-20669 Component: Admin Framework Impact: An app may be able to access sensitive user data Description: A parsing issue in the handling of directory paths was addressed with improved path validation.

CVE-2026-20670 [MEDIUM] CVE-2026-20670: macOS Tahoe 26.3 Apple Security Update: About the security content of macOS Tahoe 26.3 Product: macOS Tahoe Version: 26.3 CVE: CVE-2026-20670 Component: AppleEvents Impact: An app may be able to access sensitive user data Description: An authorization issue was addressed with improved state management.

CVE-2026-20634 [MEDIUM] CVE-2026-20634: macOS Tahoe 26.3 Apple Security Update: About the security content of macOS Tahoe 26.3 Product: macOS Tahoe Version: 26.3 CVE: CVE-2026-20634 Component: ImageIO Impact: Processing a maliciously crafted image may result in disclosure of process memory Description: The issue was addressed with improved memory handling.

CVE-2026-20648 [MEDIUM] CVE-2026-20648: macOS Tahoe 26.3 Apple Security Update: About the security content of macOS Tahoe 26.3 Product: macOS Tahoe Version: 26.3 CVE: CVE-2026-20648 Component: Siri Impact: A malicious app may be able to access notifications from other iCloud devices Description: A privacy issue was addressed by moving sensitive data to a protected location.

CVE-2026-20653 [MEDIUM] CVE-2026-20653: macOS Tahoe 26.3 Apple Security Update: About the security content of macOS Tahoe 26.3 Product: macOS Tahoe Version: 26.3 CVE: CVE-2026-20653 Component: Shortcuts Impact: An app may be able to access sensitive user data Description: A parsing issue in the handling of directory paths was addressed with improved path validation.

CVE-2026-20612 [MEDIUM] CVE-2026-20612: macOS Tahoe 26.3 Apple Security Update: About the security content of macOS Tahoe 26.3 Product: macOS Tahoe Version: 26.3 CVE: CVE-2026-20612 Component: Spotlight Impact: An app may be able to access sensitive user data Description: A privacy issue was addressed with improved checks.

CVE-2026-20666 [MEDIUM] CVE-2026-20666: macOS Tahoe 26.3 Apple Security Update: About the security content of macOS Tahoe 26.3 Product: macOS Tahoe Version: 26.3 CVE: CVE-2026-20666 Component: NSOpenPanel Impact: An app may be able to access sensitive user data Description: An authorization issue was addressed with improved state management.

CVE-2026-20676 [MEDIUM] CVE-2026-20676: macOS Tahoe 26.3 Apple Security Update: About the security content of macOS Tahoe 26.3 Product: macOS Tahoe Version: 26.3 CVE: CVE-2026-20676 Component: WebKit Impact: A website may be able to track users through Safari web extensions Description: This issue was addressed through improved state management.

CVE-2026-20627 [MEDIUM] CVE-2026-20627: macOS Tahoe 26.3 Apple Security Update: About the security content of macOS Tahoe 26.3 Product: macOS Tahoe Version: 26.3 CVE: CVE-2026-20627 Component: CoreServices Impact: An app may be able to access sensitive user data Description: An issue existed in the handling of environment variables. This issue was addressed with improved validation.

CVE-2026-20651 [MEDIUM] CVE-2026-20651: macOS Tahoe 26.3 Apple Security Update: About the security content of macOS Tahoe 26.3 Product: macOS Tahoe Version: 26.3 CVE: CVE-2026-20651 Component: Messages Impact: An app may be able to access sensitive user data Description: A privacy issue was addressed with improved handling of temporary files.