Primary

Context

Apple Products Authentication Bypass Vulnerability Allowing Sensitive Kernel State Leakage

Vulnerability

Patched

A vulnerability exists in multiple Apple operating systems, including iOS, iPadOS, macOS, tvOS, watchOS, and visionOS, all version 26.4 or 18.7.7. This vulnerability allows apps to leak sensitive kernel state due to an authentication issue that has been addressed with improved authentication measures. The issue was reported by Jian Lee.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive kernel information, potentially allowing for further exploitation or manipulation of system processes.

Remediation

Users can update to iOS 26.4, iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, or watchOS 26.4 to address this vulnerability.

Added: Mar 25, 2026, 1:48 AM

Updated: Mar 25, 2026, 1:48 AM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

4.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

4.7

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple Products Authentication Bypass Vulnerability Allowing Sensitive Kernel State Leakage

Vulnerability

Impact

Remediation

Affected Products

Apple iPadOS

Apple macOS Sequoia

Apple tvOS

Apple watchOS

Apple visionOS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating