
"CVE-2026-28819 (Wi-Fi) stands out as the strongest candidate for the most severe as it states, "An app may be able to execute arbitrary code with kernel privileges." The combination of arbitrary code execution at the kernel level is about as bad as it gets on a severity scale. Plus, it affects all three macOS versions (Tahoe, Sequoia, and Sonoma)."
"CVE-2026-43668 (mDNSResponder) also piques my interest since, "A remote attacker may be able to cause unexpected system termination or corrupt kernel memory." The remote attack vector with kernel memory corruption on all three OS versions makes this a serious one, especially since mDNSResponder is always running."
"CVE-2026-28972 (Kernel) This one states that "An app may be able to cause unexpected system termination or write kernel memory." An out-of-bounds write directly into kernel memory on all three OS versions. This one may also have implications in the upcoming Pwn2Own Berlin contest."
"For May 2026, Apple released 82 unique CVEs across the three macOS versions: 79 for macOS Tahoe 26.5, 45 for macOS Sequoia 15.7.7, and 42 for macOS Sonoma 14.8.7. Since Apple doesn't provide CVSS scores or other severity information, we're left to speculate on which of these bugs is the most severe."
The May 2026 macOS updates included 82 unique CVEs across three macOS versions: 79 for macOS Tahoe 26.5, 45 for macOS Sequoia 15.7.7, and 42 for macOS Sonoma 14.8.7. Apple did not provide CVSS scores or other severity indicators, so severity must be inferred from the advisory descriptions. CVE-2026-28819 (Wi‑Fi) is highlighted because an app may be able to execute arbitrary code with kernel privileges, and it affects all three versions. CVE-2026-43668 (mDNSResponder) is highlighted because a remote attacker may be able to cause unexpected system termination or corrupt kernel memory, and it is notable because mDNSResponder runs continuously. CVE-2026-28972 (Kernel) is highlighted for an out-of-bounds write to kernel memory and may be relevant to the upcoming Pwn2Own Berlin contest.
Read at Zero Day Initiative