Description
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to disclose kernel memory.
Published: 2026-03-25
Score: 8.4 High
EPSS: < 1% Very Low
KEV: No
Impact: Kernel memory disclosure
Action: Apply patch
AI Analysis

Impact

An out‑of‑bounds read in the macOS kernel allows a malicious application with local execution privileges to read arbitrary kernel memory locations. This vulnerability directly leads to the disclosure of sensitive kernel data, potentially exposing system credentials, cryptographic material, or other private information. The weakness is a typical out‑of‑bounds read, classified as CWE‑125, and can undermine the confidentiality of the operating system.

Affected Systems

All Apple macOS releases prior to the patched versions are affected. The vulnerability was fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, and macOS Tahoe 26.4, so any macOS system running an earlier version of these releases is vulnerable.

Risk and Exploitability

The CVSS base score of 8.4 indicates a high severity. However, the EPSS score is less than 1%, indicating a low probability of exploitation in the wild, and the vulnerability is not listed in CISA’s KEV catalog. The attack vector is inferred to be local, as the vulnerability is triggered by an application that can perform an out‑of‑bounds read of kernel memory. An attacker would need to run a crafted app on the target machine to access protected data.

Generated by OpenCVE AI on March 26, 2026 at 15:41 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade macOS to at least macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, or macOS Tahoe 26.4, whichever applies.



Advisories

No advisories yet.

History

Fri, 27 Mar 2026 10:00:00 +0000

Type Values Removed Values Added
Title Out‑of‑Bounds Read Leading to Kernel Memory Disclosure in macOS

Thu, 26 Mar 2026 14:15:00 +0000

Type: Metrics

Values Removed:

cvssV3_1 {'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}

ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Values Added:

cvssV3_1 {'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 26 Mar 2026 12:30:00 +0000

Type: Title
Values Removed: macOS Kernel Out‑of‑Bounds Read Enables Kernel Memory Disclosure
Values Added: Out‑of‑Bounds Read Leading to Kernel Memory Disclosure in macOS

Wed, 25 Mar 2026 22:00:00 +0000

Type Values Removed Values Added
Title macOS Kernel Out‑of‑Bounds Read Enables Kernel Memory Disclosure

Wed, 25 Mar 2026 21:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Wed, 25 Mar 2026 20:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-125
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 25 Mar 2026 12:00:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Vendors & Products Apple
Apple macos

Wed, 25 Mar 2026 01:00:00 +0000

Type Values Removed Values Added
Description An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to disclose kernel memory.
References

MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:22:44.735Z

Reserved: 2026-03-03T16:36:03.968Z

Link: CVE-2026-28832

Vulnrichment

Updated: 2026-03-25T19:37:24.483Z

NVD

Status: Modified

Published: 2026-03-25T01:17:08.287

Modified: 2026-03-26T14:16:09.500

Link: CVE-2026-28832

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-27T09:50:29Z

Weaknesses