Description
A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to determine kernel memory layout.
Published: 2026-05-11
Score: n/a
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability arises from a logging flaw that was addressed by improving data redaction in Apple operating systems. The flaw allows an application to read kernel memory layout through logs, potentially exposing sensitive internal state. This could lead to an attacker inferring privileged information that might be leveraged for further attacks, though it does not directly grant code execution.

Affected Systems

Affected systems include Apple iOS, iPadOS, macOS, tvOS, and watchOS. Specific versions that contain the flaw are iOS 18.7.9 and 26.5, iPadOS 18.7.9 and 26.5, macOS Sequoia 15.7.7, Sonoma 14.8.7, Tahoe 26.5, tvOS 26.5, and watchOS 26.5.

Risk and Exploitability

The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog. It is typically exploited through a local app that reads log files or via a compromised application that can access the logging subsystem. Given that it reveals kernel memory layout, the risk is primarily confidentiality; an attacker could use the information to craft more targeted exploits. Monitoring for anomalous logging activity and applying the vendor patches are prudent.

Generated by OpenCVE AI on May 11, 2026 at 22:05 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply Apple security updates that fix the logging data redaction issue on all affected platforms
  • Disable or revoke logging permissions for third‑party apps that do not require them
  • Review app security posture and limit privileges to reduce the surface for kernel information leakage

Generated by OpenCVE AI on May 11, 2026 at 22:05 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 11 May 2026 22:30:00 +0000

Type Values Removed Values Added
Title Logging Redaction Issue Exposes Kernel Memory Layout
Weaknesses CWE-200

Mon, 11 May 2026 22:15:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ios And Ipados
Apple macos
Apple tvos
Apple watchos
Vendors & Products Apple
Apple ios And Ipados
Apple macos
Apple tvos
Apple watchos

Mon, 11 May 2026 20:45:00 +0000

Type Values Removed Values Added
Description A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to determine kernel memory layout.
References

Subscriptions

Apple Ios And Ipados Macos Tvos Watchos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-05-11T20:07:39.719Z

Reserved: 2026-03-03T16:36:03.989Z

Link: CVE-2026-28943

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Undergoing Analysis

Published: 2026-05-11T21:18:55.523

Modified: 2026-05-12T14:13:03.510

Link: CVE-2026-28943

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-11T22:15:06Z

Weaknesses