6.2

CVE-2026-28950

Medienbericht

SWUpdate Integer Underflow in Multipart Upload Parser

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 15.8.8 and iPadOS 15.8.8, iOS 16.7.16 and iPadOS 16.7.16, iOS 18.7.8 and iPadOS 18.7.8, iOS 26.4.2 and iPadOS 26.4.2, iPadOS 17.7.11. Notifications marked for deletion could be unexpectedly retained on the device.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AppleiPadOS Version < 18.7.8
AppleiPadOS Version >= 26.0 < 26.4.2
AppleiPhone OS Version < 18.7.8
AppleiPhone OS Version >= 26.0 < 26.4.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.88% 0.85
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 6.2 2.5 3.6
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE-359 Exposure of Private Personal Information to an Unauthorized Actor

The product does not properly prevent a person's private, personal information from being accessed by actors who either (1) are not explicitly authorized to access the information or (2) do not have the implicit consent of the person about whom the information is collected.

Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
VulnDex Intel
Media Report
23.04.2026 10:48
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
VulnDex Intel
Media Report
23.04.2026 10:18
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
VulnDex Intel
Media Report
22.04.2026 23:18
https://support.apple.com/en-us/127003
Vendor Advisory
Release Notes
https://support.apple.com/en-us/127002
Vendor Advisory
Release Notes
http://seclists.org/fulldisclosure/2026/Apr/14
http://seclists.org/fulldisclosure/2026/Apr/15
https://support.apple.com/en-us/127112
https://support.apple.com/en-us/127113
https://support.apple.com/en-us/127114
http://seclists.org/fulldisclosure/2026/May/10
http://seclists.org/fulldisclosure/2026/May/8
http://seclists.org/fulldisclosure/2026/May/9