CVE-2026-28877

NONE EPSS 0.02%

Mar 25, 2026

Updated Mar 25, 2026

Parameter	Value
Vendor	An
Public PoC	No

An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. An app may be able to access sensitive user data.

References 5

https://support.apple.com/en-us/126792

product-security@apple.com

https://support.apple.com/en-us/126794

product-security@apple.com

https://support.apple.com/en-us/126795

product-security@apple.com

https://support.apple.com/en-us/126798

product-security@apple.com

https://support.apple.com/en-us/126799

product-security@apple.com

Share Post Share Share Share

CVE Details

CVE ID

CVE-2026-28877

Published Date

Mar 25, 2026

Vendor

Severity

NONE

Exploit Prediction (EPSS)

Probability of Exploit 0.02%

Likelihood of exploitation in next 30 days

Percentile: 4.5th percentile (higher than 4.5% of all CVEs)

Standard patching cycle

Impact

Minimal impact

Source

View Advisory

Menu

CVE-2026-28877

References 5

CVE Details

Editor's Choice

Menu

CVE-2026-28877

References 5

CVE Details

Editor's Choice

Stay informed on cybersecurity