惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

S
Schneier on Security
P
Proofpoint News Feed
Apple Machine Learning Research
Apple Machine Learning Research
WordPress大学
WordPress大学
博客园 - Franky
V
V2EX
爱范儿
爱范儿
J
Java Code Geeks
小众软件
小众软件
Last Week in AI
Last Week in AI
The Cloudflare Blog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Hugging Face - Blog
Hugging Face - Blog
T
The Blog of Author Tim Ferriss
酷 壳 – CoolShell
酷 壳 – CoolShell
The Register - Security
The Register - Security
GbyAI
GbyAI
Vercel News
Vercel News
Y
Y Combinator Blog
腾讯CDC
F
Fortinet All Blogs
I
InfoQ
N
Netflix TechBlog - Medium
B
Blog RSS Feed
D
Docker
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
量子位
博客园 - 司徒正美
阮一峰的网络日志
阮一峰的网络日志
The GitHub Blog
The GitHub Blog
Microsoft Security Blog
Microsoft Security Blog
V
Visual Studio Blog
博客园 - 三生石上(FineUI控件)
宝玉的分享
宝玉的分享
Blog — PlanetScale
Blog — PlanetScale
H
Help Net Security
云风的 BLOG
云风的 BLOG
A
About on SuperTechFans
Scott Helme
Scott Helme
T
Tor Project blog
U
Unit 42
Google Online Security Blog
Google Online Security Blog
PCI Perspectives
PCI Perspectives
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
NISL@THU
NISL@THU
D
Darknet – Hacking Tools, Hacker News & Cyber Security
aimingoo的专栏
aimingoo的专栏
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Stack Overflow Blog
Stack Overflow Blog
Security Archives - TechRepublic
Security Archives - TechRepublic

Full Disclosure

[NotCVE-2026-0001] Cloudflare Universal SSL CAA augmentation weakens RFC 8657 account binding — CVE-2026-14440 assigned 163 days after public no-CVE disclosure Full Disclosure: Subject: Advisory Submission: EZ Game Booster Full Disclosure: CVE-2026-56877 - Skillable SCORM userId authorisation bypass Full Disclosure: [REVIVE-SA-2026-003] Revive Adserver Vulnerabilities Full Disclosure: OPNsense XPATH Injection (CVE-2026-53582) Authentication Bypass for SafeLine SL6 and SL6+ confidentiality and anonymity leakage to third parties Full Disclosure: OpenBlow Multiple Deanonymization Vulnerabilities Site-access password exposed in web server access logs via GET query string Full Disclosure: APPLE-SA-06-29-2026-3 Safari 26.5.2 Full Disclosure: APPLE-SA-06-29-2026-2 macOS Tahoe 26.5.2 APPLE-SA-06-29-2026-1 iOS 26.5.2 and iPadOS 26.5.2 symlink following and TOCTOU in privileged upload handler allow arbitrary file write as root [KIS-2026-12] Control Web Panel <= 0.9.8.1224 (userRes) SQL Injection Vulnerability Full Disclosure: [fulldis] CVE-2026-58451 - Horde Groupware IMP path traversal vuln Full Disclosure: Samsung Galaxy Buds – Zero-Click HFP/A2DP Takeover via L2CAP Session Preemption (Vendor Response: Working as Intended) Full Disclosure: Asterisk Security Release 23.4.1 Full Disclosure: Asterisk Security Release 22.10.1 Full Disclosure: Asterisk Security Release 21.12.3 Full Disclosure: Asterisk Security Release 20.20.1 Certified Asterisk Security Release certified-22.8-cert3 Certified Asterisk Security Release certified-20.7-cert11 Zig std.http chunked reader integer overflow -> unauthenticated remote DoS Remote Kernel Stack Disclosure via MPLS Label Stack Over-read Full Disclosure: OpenBSD sppp_pap_input: PAP authentication bypass Full Disclosure: SEC Consult SA-20260618-0 :: Hardcoded Root Cloud Credentials in Application Binaries in Silver Leaf Technologies Full Disclosure: SEC Consult SA-20260617-1 :: Multiple Vulnerabilities in Quanos Content Solutions Multiple Critical Vulnerabilities in Sprecher Automation SPRECON-E-C/-E-P/-E-T3 Full Disclosure: SEC Consult SA-20260616-0 :: Broken Access Control in syracom AG Secure Login (2FA) for Atlassian Jira / Confluence APPLE-SA-06-16-2026-1 Beats Firmware Update 1B211 PHP 8.5.7 `levenshtein()` signed-integer overflow Full Disclosure: PHP 8.5.7 `dom_xml_serialization_algorithm()` stack-overflow PHP 8.5.7 `mb_substr()` 'SJIS-mac' size_t underflow PHP 8.5.7 `FILTER_SANITIZE_ENCODED` uninitialized read Cross-Tenant Authentication Bypass by Spoofing in N-able Mail Assure Multiple Vulnerabilities in Wertheim SafeController Hardware for VAULT ROOMS (Safe Deposit Locker System – Microcontroller) Multiple Critical Vulnerabilities in Wertheim SafeController Software for VAULT ROOMS (Safe Deposit Locker System) Local Privilege Escalation in Slate Digital Connect (macOS) Full Disclosure: SEC Consult SA-20260609-0 :: Multiple Local Privilege Escalation Vulnerabilities in Waves Audio [KIS-2026-11] Discuz! <= X5.0 (enable_disable.php) Local File Inclusion Vulnerability [KIS-2026-10] Discuz! <= X5.0 OCR-based CAPTCHA Bypass Vulnerability [KIS-2026-09] Discuz! X5.0 (UC_KEY) Cross-Context Token Reuse Vulnerability Privilege Escalation via Binary Planting in Genetec-provided RabbitMQ in multiple Genetec products [SYSS-2026-004] SAP NetWeaver SAML XML Signature Wrapping Full Disclosure: [REVIVE-SA-2026-002] Revive Adserver Vulnerabilities Full Disclosure: CyberDanube Security Research 20260528-0 four vulnerabilities — two unfixed, GHSA without a CVE Full Disclosure: Re: Dovecot Security Advisory OXDC-2026-0002 SSRF in Anthropic mcp-server-fetch and Microsoft playwright-mcp — publicly disclosed via GitHub issues Full Disclosure: [SECURITY ADVISORY] CVE-2021-21735 Full Disclosure: [SECURITY ADVISORY] CVE-2026-34474 Full Disclosure: [SECURITY ADVISORY] CVE-2026-34472 Full Disclosure: [SECURITY ADVISORY] CVE-2026-34473 Multiple vulnerabilities in Sparx Pro Cloud Server and Enterprise Architect Full Disclosure: APPLE-SA-05-13-2026-1 Safari 26.5 Full Disclosure: APPLE-SA-05-11-2026-11 visionOS 26.5 Full Disclosure: APPLE-SA-05-11-2026-10 watchOS 26.5 Full Disclosure: APPLE-SA-05-11-2026-9 tvOS 26.5 Full Disclosure: APPLE-SA-05-11-2026-8 macOS Sonoma 14.8.7 Full Disclosure: APPLE-SA-05-11-2026-7 macOS Sequoia 15.7.7 APPLE-SA-05-11-2026-5 iOS 15.8.8 and iPadOS 15.8.8 APPLE-SA-05-11-2026-4 iOS 16.7.16 and iPadOS 16.7.16 Full Disclosure: APPLE-SA-05-11-2026-3 iPadOS 17.7.11 APPLE-SA-05-11-2026-2 iOS 18.7.9 and iPadOS 18.7.9 APPLE-SA-05-11-2026-1 iOS 26.5 and iPadOS 26.5 Impersonation attacks on Edupage portal Edupage web and mobile application authorization bypass leaks PII and IBAN codes Full Disclosure: Dovecot Security Advisory OXDC-2026-0002 Arbitrary File Read and Server Side Request Forgery via XML External Entities in Lobster_pro (CVE-2024-13971) Arbitrary File Read and Server Side Request Forgery via XML External Entities in 4D Server SOAP (CVE-2024-39847) ESP-RFID-Tool v2 PRO — Full Public Disclosure DLL Hijacking in EfficientLab Controlio (cloud-based employee monitoring service) Broken Access Control in Config Endpoint in LiteLLM Exposed Private Key of X.509 Certificate in SAP HANA Cockpit & SAP HANA Database Explorer APPLE-SA-04-22-2026-2 iOS 18.7.8 and iPadOS 18.7.8 APPLE-SA-04-22-2026-1 iOS 26.4.2 and iPadOS 26.4.2 When Trusted Tools Become Attack Primitives [KIS-2026-08] SocialEngine <= 7.8.0 (get-memberall) SQL Injection Vulnerability [KIS-2026-07] SocialEngine <= 7.8.0 Blind Server-Side Request Forgery Vulnerability Full Disclosure: Trojan-Spy.Win32.Small / Remote Command Execution Full Disclosure: [IWCC 2026] CfP: 15th International Workshop on Cyber Crime GoAnywhere MFT Email HTML Injection Full Disclosure: CyberDanube Security Research 20260408-1 Full Disclosure: CyberDanube Security Research 20260408-0 Improper Enforcement of Locked Accounts in WebUI (SSO) in Kiuwan SAST on-premise (KOP) & cloud/SaaS Broken Access Control in Open WebUI Full Disclosure: SEC Consult SA-20260326-0 :: Local Privilege Escalation in Vienna Assistant (MacOS) 14 Third-Party Endpoints, 6 Countries, Zero User Visibility [KIS-2026-06] MetInfo CMS <= 8.1 (weixinreply.class.php) PHP Code Injection Vulnerability [CVE-2026-33691] OWASP CRS whitespace padding bypass vulnerability Full Disclosure: APPLE-SA-03-24-2026-10 Xcode 26.4 Full Disclosure: APPLE-SA-03-24-2026-9 Safari 26.4 Full Disclosure: APPLE-SA-03-24-2026-8 visionOS 26.4 Full Disclosure: APPLE-SA-03-24-2026-7 watchOS 26.4 Full Disclosure: APPLE-SA-03-24-2026-6 tvOS 26.4 Full Disclosure: APPLE-SA-03-24-2026-5 macOS Sonoma 14.8.5 Full Disclosure: APPLE-SA-03-24-2026-3 macOS Tahoe 26.4 APPLE-SA-03-24-2026-2 iOS 18.7.7 and iPadOS 18.7.7 APPLE-SA-03-24-2026-1 iOS 26.4 and iPadOS 26.4
Full Disclosure: APPLE-SA-03-24-2026-4 macOS Sequoia 15.7.5
2026-03-29 · via Full Disclosure
fulldisclosure logo

Full Disclosure mailing list archives


From: Apple Product Security via Fulldisclosure <fulldisclosure () seclists org>
Date: Tue, 24 Mar 2026 17:02:26 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-03-24-2026-4 macOS Sequoia 15.7.5

macOS Sequoia 15.7.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/126795.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

802.1X
Available for: macOS Sequoia
Impact: An attacker in a privileged network position may be able to
intercept network traffic
Description: An authentication issue was addressed with improved state
management.
CVE-2026-28865: Héloïse Gollier and Mathy Vanhoef (KU Leuven)

Accounts
Available for: macOS Sequoia
Impact: An app may be able to access sensitive user data
Description: An authorization issue was addressed with improved state
management.
CVE-2026-28877: Rosyna Keller of Totally Not Malicious Software

apache
Available for: macOS Sequoia
Impact: Multiple issues in Apache
Description: This is a vulnerability in open source code and Apple
Software is among the affected projects. The CVE-ID was assigned by a
third party. Learn more about the issue and CVE-ID at cve.org.
CVE-2025-55753
CVE-2025-58098
CVE-2025-59775
CVE-2025-65082
CVE-2025-66200

AppleKeyStore
Available for: macOS Sequoia
Impact: An app may be able to cause unexpected system termination
Description: A use after free issue was addressed with improved memory
management.
CVE-2026-20637: Johnny Franks (zeroxjf), an anonymous researcher

AppleMobileFileIntegrity
Available for: macOS Sequoia
Impact: An app may be able to access sensitive user data
Description: An authorization issue was addressed with improved state
management.
CVE-2026-28824: Mickey Jin (@patch1t)

AppleMobileFileIntegrity
Available for: macOS Sequoia
Impact: An app may be able to access user-sensitive data
Description: A downgrade issue affecting Intel-based Mac computers was
addressed with additional code-signing restrictions.
CVE-2026-20699: Mickey Jin (@patch1t)

Audio
Available for: macOS Sequoia
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: A use-after-free issue was addressed with improved memory
management.
CVE-2026-28879: Justin Cohen of Google

Audio
Available for: macOS Sequoia
Impact: An attacker may be able to cause unexpected app termination
Description: A type confusion issue was addressed with improved memory
handling.
CVE-2026-28822: Jex Amro

Calling Framework
Available for: macOS Sequoia
Impact: A remote attacker may be able to cause a denial-of-service
Description: A denial-of-service issue was addressed with improved input
validation.
CVE-2026-28894: an anonymous researcher

CFNetwork
Available for: macOS Sequoia
Impact: A remote user may be able to write arbitrary files
Description: A path handling issue was addressed with improved logic.
CVE-2026-20660: Amy (amys.website)

Clipboard
Available for: macOS Sequoia
Impact: An app may be able to access sensitive user data
Description: This issue was addressed with improved validation of
symlinks.
CVE-2026-28866: Cristian Dinca (icmd.tech)

configd
Available for: macOS Sequoia
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: An integer overflow was addressed with improved input
validation.
CVE-2026-20639: @cloudlldb of @pixiepointsec

CoreMedia
Available for: macOS Sequoia
Impact: Processing an audio stream in a maliciously crafted media file
may terminate the process
Description: An out-of-bounds access issue was addressed with improved
bounds checking.
CVE-2026-20690: Hossein Lotfi (@hosselot) of Trend Micro Zero Day
Initiative

CoreServices
Available for: macOS Sequoia
Impact: An app may be able to gain elevated privileges
Description: A validation issue existed in the entitlement verification.
This issue was addressed with improved validation of the process
entitlement.
CVE-2026-28821: YingQi Shi (@Mas0nShi) of DBAppSecurity's WeBin lab

CoreServices
Available for: macOS Sequoia
Impact: An app may be able to break out of its sandbox
Description: A permissions issue was addressed with additional sandbox
restrictions.
CVE-2026-28838: an anonymous researcher

CoreUtils
Available for: macOS Sequoia
Impact: A user in a privileged network position may be able to cause a
denial-of-service
Description: A null pointer dereference was addressed with improved
input validation.
CVE-2026-28886: Etienne Charron (Renault) and Victoria Martini (Renault)

CUPS
Available for: macOS Sequoia
Impact: An app may be able to gain root privileges
Description: A race condition was addressed with improved state
handling.
CVE-2026-28888: Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs

curl
Available for: macOS Sequoia
Impact: An issue existed in curl which may result in unintentionally
sending sensitive information via an incorrect connection
Description: This is a vulnerability in open source code and Apple
Software is among the affected projects. The CVE-ID was assigned by a
third party. Learn more about the issue and CVE-ID at cve.org.
CVE-2025-14524

DesktopServices
Available for: macOS Sequoia
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed with improved handling of
symlinks.
CVE-2026-20633: Mickey Jin (@patch1t)

DeviceLink
Available for: macOS Sequoia
Impact: An app may be able to access sensitive user data
Description: A parsing issue in the handling of directory paths was
addressed with improved path validation.
CVE-2026-28876: Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs

Diagnostics
Available for: macOS Sequoia
Impact: An app may be able to modify protected parts of the file system
Description: A permissions issue was addressed by removing the
vulnerable code.
CVE-2026-28892: 风沐云烟 (@binary_fmyy) and Minghao Lin (@Y1nKoc)

File System
Available for: macOS Sequoia
Impact: An app may be able to disclose kernel memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2026-28832: DARKNAVY (@DarkNavyOrg)

Focus
Available for: macOS Sequoia
Impact: An app may be able to access sensitive user data
Description: A logging issue was addressed with improved data redaction.
CVE-2026-20668: Kirin (@Pwnrin)

GPU Drivers
Available for: macOS Sequoia
Impact: An app may be able to cause unexpected system termination
Description: A race condition was addressed with improved state
handling.
CVE-2026-28834: an anonymous researcher

iCloud
Available for: macOS Sequoia
Impact: An app may be able to enumerate a user's installed apps
Description: A permissions issue was addressed with additional
restrictions.
CVE-2026-28880: Zhongcheng Li from IES Red Team

ImageIO
Available for: macOS Sequoia
Impact: Processing a maliciously crafted file may lead to unexpected app
termination
Description: This is a vulnerability in open source code and Apple
Software is among the affected projects. The CVE-ID was assigned by a
third party. Learn more about the issue and CVE-ID at cve.org.
CVE-2025-64505

Kernel
Available for: macOS Sequoia
Impact: An app may be able to disclose kernel memory
Description: A logging issue was addressed with improved data redaction.
CVE-2026-28868: 이동하 (Lee Dong Ha of BoB 0xB6)

Kernel
Available for: macOS Sequoia
Impact: An app may be able to leak sensitive kernel state
Description: This issue was addressed with improved authentication.
CVE-2026-28867: Jian Lee (@speedyfriend433)

Kernel
Available for: macOS Sequoia
Impact: An app may be able to determine kernel memory layout
Description: An information disclosure issue was addressed with improved
memory management.
CVE-2026-20695: 이동하 (Lee Dong Ha of BoB 0xB6) working with TrendAI Zero
Day Initiative, hari shanmugam

Kernel
Available for: macOS Sequoia
Impact: An app may be able to cause unexpected system termination or
write kernel memory
Description: A use after free issue was addressed with improved memory
management.
CVE-2026-20687: Johnny Franks (@zeroxjf)

Kernel
Available for: macOS Sequoia
Impact: An app may be able to modify protected parts of the file system
Description: A permissions issue was addressed with additional
restrictions.
CVE-2026-28829: Sreejith Krishnan R

libxpc
Available for: macOS Sequoia
Impact: An app may be able to access protected user data
Description: A permissions issue was addressed with additional
restrictions.
CVE-2026-20607: an anonymous researcher

Mail
Available for: macOS Sequoia
Impact: "Hide IP Address" and "Block All Remote Content" may not apply
to all mail content
Description: A privacy issue was addressed with improved handling of
user preferences.
CVE-2026-20692: Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs

mDNSResponder
Available for: macOS Sequoia
Impact: An app may be able to leak sensitive kernel state
Description: This issue was addressed with improved authentication.
CVE-2026-28867: Jian Lee (@speedyfriend433)

Messages
Available for: macOS Sequoia
Impact: An app may be able to access sensitive user data
Description: A privacy issue was addressed with improved handling of
temporary files.
CVE-2026-20651: Chunyu Song of NorthSea

MigrationKit
Available for: macOS Sequoia
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed with improved handling of
symlinks.
CVE-2026-20694: Rodolphe Brunetti (@eisw0lf) of Lupus Nova

NetAuth
Available for: macOS Sequoia
Impact: An app may be able to break out of its sandbox
Description: A race condition was addressed with additional validation.
CVE-2026-28891: an anonymous researcher

NetAuth
Available for: macOS Sequoia
Impact: An app may be able to connect to a network share without user
consent
Description: An access issue was addressed with additional sandbox
restrictions.
CVE-2026-20701: Matej Moravec (@MacejkoMoravec)

NetAuth
Available for: macOS Sequoia
Impact: An app may be able to access sensitive user data
Description: The issue was addressed with improved checks.
CVE-2026-28839: Mickey Jin (@patch1t)

NetFSFramework
Available for: macOS Sequoia
Impact: An app may be able to break out of its sandbox
Description: A parsing issue in the handling of directory paths was
addressed with improved path validation.
CVE-2026-28827: Csaba Fitzl (@theevilbit) of Iru, an anonymous
researcher

Notes
Available for: macOS Sequoia
Impact: An app may be able to delete files for which it does not have
permission
Description: A path handling issue was addressed with improved
validation.
CVE-2026-28816: Dawuge of Shuffle Team and Hunan University

PackageKit
Available for: macOS Sequoia
Impact: An attacker with root privileges may be able to delete protected
system files
Description: This issue was addressed through improved state management.
CVE-2026-20693: Mickey Jin (@patch1t)

Phone
Available for: macOS Sequoia
Impact: An app may be able to access user-sensitive data
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2026-28862: Kun Peeks (@SwayZGl1tZyyy)

Printing
Available for: macOS Sequoia
Impact: An app may be able to access sensitive user data
Description: An authorization issue was addressed with improved state
management.
CVE-2026-28831: an anonymous researcher

Printing
Available for: macOS Sequoia
Impact: A sandboxed process may be able to circumvent sandbox
restrictions
Description: A race condition was addressed with improved state
handling.
CVE-2026-28817: Gyujeong Jin (@G1uN4sh) at Team.0xb6

Printing
Available for: macOS Sequoia
Impact: An app may be able to break out of its sandbox
Description: A path handling issue was addressed with improved
validation.
CVE-2026-20688: wdszzml and Atuin Automated Vulnerability Discovery
Engine

Security
Available for: macOS Sequoia
Impact: A local attacker may gain access to user's Keychain items
Description: This issue was addressed with improved permissions
checking.
CVE-2026-28864: Alex Radocea

SMB
Available for: macOS Sequoia
Impact: Mounting a maliciously crafted SMB network share may lead to
system termination
Description: A use-after-free issue was addressed with improved memory
management.
CVE-2026-28835: Christian Kohlschütter

SMB
Available for: macOS Sequoia
Impact: An app may be able to modify protected parts of the file system
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2026-28825: Sreejith Krishnan R

Spotlight
Available for: macOS Sequoia
Impact: An app may be able to access user-sensitive data
Description: A downgrade issue affecting Intel-based Mac computers was
addressed with additional code-signing restrictions.
CVE-2026-20699: Mickey Jin (@patch1t)

Spotlight
Available for: macOS Sequoia
Impact: An app may be able to access sensitive user data
Description: A logging issue was addressed with improved data redaction.
CVE-2026-28818: @pixiepointsec

Spotlight
Available for: macOS Sequoia
Impact: An app may be able to access sensitive user data
Description: A permissions issue was addressed with additional
restrictions.
CVE-2026-20697: @pixiepointsec

TCC
Available for: macOS Sequoia
Impact: An app may be able to access sensitive user data
Description: A permissions issue was addressed by removing the
vulnerable code.
CVE-2026-28828: Mickey Jin (@patch1t)

UIFoundation
Available for: macOS Sequoia
Impact: An app may be able to cause a denial-of-service
Description: A stack overflow was addressed with improved input
validation.
CVE-2026-28852: Caspian Tarafdar

Vision
Available for: macOS Sequoia
Impact: Parsing a maliciously crafted file may lead to an unexpected app
termination
Description: The issue was addressed with improved memory handling.
CVE-2026-20657: Andrew Becker

WebDAV
Available for: macOS Sequoia
Impact: An app may be able to modify protected parts of the file system
Description: A permissions issue was addressed with additional
restrictions.
CVE-2026-28829: Sreejith Krishnan R

Additional recognition

Admin Framework
We would like to acknowledge Sota Toyokura for their assistance.

CoreServices
We would like to acknowledge YingQi Shi (@Mas0nShi) of DBAppSecurity's
WeBin lab, Fein, Iccccc & Ziiiro for their assistance.

IOGPUFamily
We would like to acknowledge Wang Yu of Cyberserval for their
assistance.

Kernel
We would like to acknowledge Xinru Chi of Pangu Lab for their
assistance.

Notes
We would like to acknowledge Dawuge of Shuffle Team and Hunan University
for their assistance.

ppp
We would like to acknowledge Dave G. for their assistance.

Shortcuts
We would like to acknowledge Waleed Barakat (@WilDN00B) and Paul
Montgomery (@nullevent) for their assistance.

macOS Sequoia 15.7.5 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://support.apple.com/downloads/

All information is also posted on the Apple Security Releases
web site: https://support.apple.com/100100.

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEhjkl+zMLNwFiCT1o4Ifiq8DH7PUFAmnDIvQACgkQ4Ifiq8DH
7PUFaQ/+NTpgKxb9vm31Oh8/tOl2Km6SqC9MhPmjjhB3RwJ8wBBmiLjPqtio25TU
ZbKrH73Y7C6+unmfMwaRD5TR4YCV7eXlqWWqsAJelfFhDfuNgaLGZ+9A2teRLC7F
eq5i5SK4xu7JDzHNUrXTPwups4w3L9de5cPMBghsrrq6QgaTbQDrxkCrB7Jrhsah
QrZMWQk/aBR6qd9vLyGM/pzooVkTa7fM/Lqaio0TxvPZZlHxdK7zId6hwPuj1+lW
xNEPHZmnG1kEFLTqC91KWf28OWBlzR/TlFYmaFBzwdHwQn4/JhCKOAI9ECUWAdZO
GhtanYLmsdOvQ4odObzLhN62ZlvkiEroqbNXWoVWiiUsNoeSJbIFrkBeAW1Mo2P7
qGVa8OqHHgtckNt++r0RuUpDG0nbseebSc7DD8x3SD7RT5Ds5Igcr2fQYvn9EywV
y2a8je6FJoIVRitoRo/6K/6GgbQJucn8GeYn7WQrWJ4JyLoPzObi3juvISJceyqA
GKinWdGs/03Ffs+17dcfLWHjAYrt2+Lujz2wm4uvR/4pazA2ZkpylL1GayLlj8WF
gfTlLECKvc8oIFjKKLdFZRsugr/exHg10eKQifzABnb03pHYUXJeELtx63AqgvHv
xJVxO5Z5d+WcSuUaBZTLTokpY6y06pzJOzI8AdEzVXnvgkjG/ho=
=Sf6B
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/

Current thread:

  • APPLE-SA-03-24-2026-4 macOS Sequoia 15.7.5 Apple Product Security via Fulldisclosure (Mar 28)