CVE-2026-28868 - Vulnerability Details

- Kernel Memory Disclosure via Logging Issue

Description

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. An app may be able to disclose kernel memory.

Published: 2026-03-25

Score: 5.5 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

A logging flaw can expose kernel memory contents, potentially leaking sensitive system information to applications. The flaw is categorized as CWE‑532 and can allow an app to read data that should not be accessible, leading to information disclosure without affecting system integrity or availability.

Affected Systems

Apple devices running iOS 18.7.7 or 26.4, iPadOS 18.7.7 or 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4, and watchOS 26.4 are impacted. The issue is addressed in the listed OS releases, and any running instance of these operating systems prior to those updates may be vulnerable.

Risk and Exploitability

The vulnerability has a CVSS score of 5.5, indicating moderate severity, and an EPSS score of less than 1%, suggesting a low probability of exploitation as of now. It is not listed in the Known Exploited Vulnerabilities catalog. Exploitation likely requires a compromised or malicious application that can access the device’s logging mechanisms; the attack vector is inferred to be local. While the impact is limited to data disclosure, the presence of kernel data in logs could aid attackers in further attacks if combined with other weaknesses.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Apple

iOS and iPadOS

affected

Version	Status	Constraints
`0`	affected	< 18.7.7
`0`	affected	< 26.4

Apple

macOS

affected

Version	Status	Constraints
`0`	affected	< 14.8.5
`0`	affected	< 15.7.5
`0`	affected	< 26.4

Apple

visionOS

affected

Version	Status	Constraints
`0`	affected	< 26.4

Apple

watchOS

affected

Version	Status	Constraints
`0`	affected	< 26.4

Configuration 1 [-]

OR	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:visionos::::::::
	cpe:2.3:o:apple:watchos::::::::

No data.

Vendor Product Confidence Versions

Apple

Ios And Ipados

100%

Version	Status	Scheme	Platform
`[0,18.7.7)`	affected	semver	—
`[0,26.4)`	affected	semver	—

Apple

Macos

100%

Version	Status	Scheme	Platform
`[0,14.8.5)`	affected	semver	—
`[0,15.7.5)`	affected	semver	—
`[0,26.4)`	affected	semver	—

Apple

Visionos

100%

Version	Status	Scheme	Platform
`[0,26.4)`	affected	semver	—

Apple

Watchos

100%

Version	Status	Scheme	Platform
`[0,26.4)`	affected	semver	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Update the device to the latest iOS, iPadOS, macOS, visionOS, or watchOS release that addresses the logging issue
Verify that the operating system version matches the advertised fixed versions
If an update is not immediately available, consider restricting application logging permissions or using enterprise device management to limit log exposure
Monitor device logs for unexpected content and review application behavior for signs of malicious logging
Contact Apple Support if the device cannot receive updates or if further guidance is needed

Generated by OpenCVE AI on March 25, 2026 at 21:56 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00012.

Exploitation none

Automatable no

Technical Impact partial

References

Link	Providers
https://support.apple.com/en-us/126792
https://support.apple.com/en-us/126793
https://support.apple.com/en-us/126794
https://support.apple.com/en-us/126795
https://support.apple.com/en-us/126796
https://support.apple.com/en-us/126798
https://support.apple.com/en-us/126799

History

Thu, 26 Mar 2026 12:30:00 +0000

Type	Values Removed	Values Added
Title	Logging Issue Allowing Application Disclosure of Kernel Memory	Kernel Memory Disclosure via Logging Issue

Wed, 25 Mar 2026 22:00:00 +0000

Type	Values Removed	Values Added
Title		Logging Issue Allowing Application Disclosure of Kernel Memory

Wed, 25 Mar 2026 20:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Apple ipados Apple iphone Os
CPEs		cpe:2.3:o:apple:ipados:::::::: cpe:2.3:o:apple:iphone_os:::::::: cpe:2.3:o:apple:macos:::::::: cpe:2.3:o:apple:visionos:::::::: cpe:2.3:o:apple:watchos::::::::
Vendors & Products		Apple ipados Apple iphone Os

Wed, 25 Mar 2026 18:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-532
Metrics		cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 25 Mar 2026 12:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Apple Apple ios And Ipados Apple macos Apple visionos Apple watchos
Vendors & Products		Apple Apple ios And Ipados Apple macos Apple visionos Apple watchos

Wed, 25 Mar 2026 01:00:00 +0000

Type	Values Removed	Values Added
Description		A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. An app may be able to disclose kernel memory.
References		https://support.apple.com/en-us/126792 https://support.apple.com/en-us/126793 https://support.apple.com/en-us/126794 https://support.apple.com/en-us/126795 https://support.apple.com/en-us/126796 https://support.apple.com/en-us/126798 https://support.apple.com/en-us/126799

Subscriptions

Apple Ios And Ipados Ipados Iphone Os Macos Visionos Watchos

MITRE

Status: PUBLISHED

Assigner: apple

Published: 2026-03-25T00:35:34.920Z

Updated: 2026-04-02T18:26:13.643Z

Reserved: 2026-03-03T16:36:03.973Z

Link: CVE-2026-28868

Vulnrichment

Updated: 2026-03-25T16:01:33.287Z

NVD

Status : Analyzed

Published: 2026-03-25T01:17:10.893

Modified: 2026-03-25T20:05:57.770

Link: CVE-2026-28868

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-26T12:17:41Z

Weaknesses

CWE-532

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

Exploitation none

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object