Primary

Context

Apple macOS Sequoia LaunchServices Physical Access Vulnerability Allowing Keyboard Input to Locked Apps

Vulnerability

Patched

A vulnerability in the LaunchServices component of Apple macOS Sequoia has been identified, allowing an attacker with physical access to a device to send keyboard inputs to applications running on a locked screen. This issue arises from a race condition that could be exploited to manipulate app behavior without user consent.

Impact

Exploitation of this vulnerability could lead to unauthorized interaction with apps, potentially allowing for the manipulation of app data or functions.

Remediation

Users can update to macOS Sequoia 15.1 to address this vulnerability.

Added: Apr 2, 2026, 8:51 PM

Updated: Apr 2, 2026, 8:51 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

1.3

exploitability

3.3

remediation

7.7

relevance

5.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

1.3

exploitability

3.3

remediation

7.7

relevance

5.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple macOS Sequoia LaunchServices Physical Access Vulnerability Allowing Keyboard Input to Locked Apps

Vulnerability

Impact

Remediation

Affected Products

Apple macOS Sequoia

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating