Summaryinfo

A vulnerability identified as problematic has been detected in Apple macOS up to 14.8.4/15.7.4/26.3. Affected by this vulnerability is an unknown functionality of the component Kernel Memory Handler. Performing a manipulation results in out-of-bounds. This vulnerability is known as CVE-2026-28832. Attacking locally is a requirement. No exploit is available. You should upgrade the affected component.

Detailsinfo

A vulnerability classified as problematic has been found in Apple macOS up to 14.8.4/15.7.4/26.3. This affects some unknown functionality of the component Kernel Memory Handler. The manipulation with an unknown input leads to a out-of-bounds vulnerability. CWE is classifying the issue as CWE-125. The product reads data past the end, or before the beginning, of the intended buffer. This is going to have an impact on confidentiality. The summary by CVE is:

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to disclose kernel memory.

It is possible to read the advisory at support.apple.com. This vulnerability is uniquely identified as CVE-2026-28832 since 03/03/2026. The exploitability is told to be easy. Attacking locally is a requirement. The technical details are unknown and an exploit is not publicly available.

Upgrading to version 14.8.5, 15.7.5 or 26.4 eliminates this vulnerability.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Productinfo

Type

• Operating System

Vendor

• Apple

Name

• macOS

Version

• 14.8.0
• 14.8.1
• 14.8.2
• 14.8.3
• 14.8.4
• 15.7.0
• 15.7.1
• 15.7.2
• 15.7.3
• 15.7.4
• 26.0
• 26.1
• 26.2
• 26.3

License

• commercial

Website

• Vendor: https://www.apple.com/

CPE 2.3info

• 🔒
• 🔒
• 🔒

CPE 2.2info

• 🔒
• 🔒
• 🔒

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion