Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2026-20639
An integer overflow was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3. Processing a maliciously crafted string may lead to heap corruption.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-03-25
CVE-2026-20651
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to access sensitive user data.
CVSS Score
6.2
EPSS Score
0.0
Published
2026-03-25
CVE-2026-20657
The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5. Parsing a maliciously crafted file may lead to an unexpected app termination.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-03-25
CVE-2026-20664
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may lead to an unexpected process crash.
CVSS Score
4.3
EPSS Score
0.0
Published
2026-03-25
CVE-2026-20607
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to access protected user data.
CVSS Score
4.0
EPSS Score
0.0
Published
2026-03-25
CVE-2026-20622
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3. An app may be able to capture a user's screen.
CVSS Score
7.5
EPSS Score
0.0
Published
2026-03-25
CVE-2025-43534
A path handling issue was addressed with improved validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.2 and iPadOS 26.2. A user with physical access to an iOS device may be able to bypass Activation Lock.
CVSS Score
6.8
EPSS Score
0.0
Published
2026-03-25
CVE-2026-3889
Spoofing issue in Thunderbird. This vulnerability affects Thunderbird < 149 and Thunderbird < 140.9.
CVSS Score
6.5
EPSS Score
0.0
Published
2026-03-24
CVE-2026-4371
A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were compromised, an attacker could cause the parser to malfunction, potentially crashing Thunderbird or leaking sensitive data. This vulnerability affects Thunderbird < 149 and Thunderbird < 140.9.
CVSS Score
7.4
EPSS Score
0.001
Published
2026-03-24
CVE-2026-24159
NVIDIA NeMo Framework contains a vulnerability where an attacker may cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure and data tampering.
CVSS Score
7.8
EPSS Score
0.001
Published
2026-03-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved