Shodan
Vulnerabilities
Vulnerable Software
Apple:  >> Iphone Os  Security Vulnerabilities
CVE-2026-9963
Uninitialized Use in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVSS Score
7.5
EPSS Score
0.001
Published
2026-05-28
CVE-2026-9950
Insufficient validation of untrusted input in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)
CVSS Score
3.1
EPSS Score
0.0
Published
2026-05-28
CVE-2026-9955
Inappropriate implementation in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
CVSS Score
4.3
EPSS Score
0.0
Published
2026-05-28
CVE-2026-9956
Use after free in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVSS Score
7.5
EPSS Score
0.001
Published
2026-05-28
CVE-2026-8584
Inappropriate implementation in Views in Google Chrome on iOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVSS Score
4.2
EPSS Score
0.001
Published
2026-05-14
CVE-2026-8585
Inappropriate implementation in Media in Google Chrome on iOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)
CVSS Score
7.5
EPSS Score
0.001
Published
2026-05-14
CVE-2026-8560
Heap buffer overflow in SwiftShader in Google Chrome on Mac and iOS prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)
CVSS Score
4.3
EPSS Score
0.0
Published
2026-05-14
CVE-2025-46311
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2. An app may be able to access sensitive user data.
CVSS Score
7.5
EPSS Score
0.0
Published
2026-05-12
CVE-2026-43668
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.
CVSS Score
7.5
EPSS Score
0.002
Published
2026-05-11
CVE-2026-43653
The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5. An attacker on the local network may be able to cause a denial-of-service.
CVSS Score
6.2
EPSS Score
0.0
Published
2026-05-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved