HIGHCVE-2026-28954Published Modified CNA apple
CVE-2026-28954: A file quarantine bypass was addressed with additional checks
A file quarantine bypass was addressed with additional checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. A maliciously crafted disk image may bypass Gatekeeper checks.
Metrics
- CVSS v3.1
- 7.5
- Severity
- HIGH
- Fixed in
- 14.8.7
- Affected Products
- 2
Fix available
14.8.715.7.718.7.926.5
Affected packages
- Apple / iOS and iPadOS< 18.7.9 (from 0)
- Apple / macOS< 14.8.7 (from 0) · < 15.7.7 (from 0) · < 26.5 (from 0)
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N