VDB
GCVE-110-NCSC-2026-139
GCVE-110-NCSC-2026-139
Advisory PublishedCVSS 8.8/10
A race condition vulnerability allowing unauthorized app access to sensitive user data was fixed with additional validation across multiple Apple operating systems including iOS, iPadOS, macOS, tvOS, visionOS, and watchOS.
Weaknesses (CWE)
CWE-805Buffer Access with Incorrect Length Value
Risk Scores
CVSS 3.1
8.8/10
High · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Apple | vers:unknown/* | — | — |
Aliases
CVE-2025-43524CVE-2026-1837CVE-2026-28819CVE-2026-28840CVE-2026-28846CVE-2026-28847CVE-2026-28848CVE-2026-28878CVE-2026-28883CVE-2026-28897CVE-2026-28901CVE-2026-28902CVE-2026-28903CVE-2026-28904CVE-2026-28905CVE-2026-28906CVE-2026-28907CVE-2026-28908CVE-2026-28913CVE-2026-28914CVE-2026-28915CVE-2026-28917CVE-2026-28918CVE-2026-28919CVE-2026-28920CVE-2026-28922CVE-2026-28923CVE-2026-28924CVE-2026-28925CVE-2026-28929CVE-2026-28930CVE-2026-28936CVE-2026-28940CVE-2026-28941CVE-2026-28942CVE-2026-28943CVE-2026-28944CVE-2026-28946CVE-2026-28947CVE-2026-28951CVE-2026-28952CVE-2026-28953CVE-2026-28954CVE-2026-28955CVE-2026-28956CVE-2026-28958CVE-2026-28959CVE-2026-28961CVE-2026-28962CVE-2026-28969CVE-2026-28971CVE-2026-28972CVE-2026-28974CVE-2026-28976CVE-2026-28977CVE-2026-28978CVE-2026-28983CVE-2026-28985CVE-2026-28986CVE-2026-28987CVE-2026-28988CVE-2026-28990CVE-2026-28991CVE-2026-28992CVE-2026-28993CVE-2026-28994CVE-2026-28995CVE-2026-28996CVE-2026-39869CVE-2026-39870CVE-2026-39871CVE-2026-43652CVE-2026-43653CVE-2026-43654CVE-2026-43655CVE-2026-43656CVE-2026-43658CVE-2026-43659CVE-2026-43660CVE-2026-43661CVE-2026-43666CVE-2026-43668
References
Browse GCVE Records
72,096 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.