CVE-2026-28864_CVE-2026-28864

3.3 / 10

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Description

This issue was addressed with improved permissions checking. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. A local attacker may gain access to user's Keychain items.

Basic Information

ID CVE-2026-28864

Source apple

Published Mar 25, 2026 at 00:35

Modified Apr 2, 2026 at 18:27

Affected Product

Vendor Apple

Product iOS and iPadOS

Affected Versions Apple iOS and iPadOS 0
Apple iOS and iPadOS 0
Apple macOS 0
Apple macOS 0
Apple macOS 0
Apple visionOS 0
Apple watchOS 0

CWE Classification

CWE-863

References

{
    "lastseen": "",
    "description": "This issue was addressed with improved permissions checking. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. A local attacker may gain access to user's Keychain items.",
    "published": "2026-03-25T00:35:43.723Z",
    "modified": "2026-04-02T18:27:26.085Z",
    "type": "cve",
    "title": "CVE-2026-28864",
    "source": "apple",
    "references": "https://support.apple.com/en-us/126792\nhttps://support.apple.com/en-us/126793\nhttps://support.apple.com/en-us/126794\nhttps://support.apple.com/en-us/126795\nhttps://support.apple.com/en-us/126796\nhttps://support.apple.com/en-us/126798\nhttps://support.apple.com/en-us/126799",
    "id": "CVE-2026-28864",
    "bulletinFamily": "",
    "cwe": [
        "CWE-863"
    ],
    "cvelist": null,
    "sourceData": "Apple iOS and iPadOS 0\nApple iOS and iPadOS 0\nApple macOS 0\nApple macOS 0\nApple macOS 0\nApple visionOS 0\nApple watchOS 0",
    "sourceHref": "",
    "cvss": {
        "score": 3.3,
        "severity": "LOW",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "iOS and iPadOS",
    "version": "0",
    "vendor": "Apple",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}