CVE Weekly Report — Week of Jun 8 – June 14, 2026
2026-W24
13
Total CVEs
0
Critical
5
High
0
Actively exploited
🔴 Critical CVEs (0)
No CVEs in this category this week.
🟠 High CVEs (5)
| CVE | Product | CVSS | KEV | Description | Published |
|---|---|---|---|---|---|
| CVE-2025-24284 | macOS | 8.8 | — | This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in macOS Sequoia 15.4… | Jun 11 |
| CVE-2025-31272 | macOS | 7.8 | — | The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app may be able to bypass la… | Jun 11 |
| CVE-2025-46315 | macOS | 7.5 | — | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be a… | Jun 11 |
| CVE-2026-49975 | nginx | 7.5 | — | Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service vi… | Jun 8 |
| CVE-2022-26758 | macOS | 7.1 | — | A malicious application may cause unexpected changes in memory shared between processes. A memory corruption issue was a… | Jun 10 |
🟡 Medium CVEs (7)
| CVE | Product | CVSS | KEV | Description | Published |
|---|---|---|---|---|---|
| CVE-2025-43339 | macOS | 5.5 | — | An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26.1. A malicious… | Jun 11 |
| CVE-2025-30459 | macOS | 5.5 | — | A privacy issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.4. An app may be … | Jun 11 |
| CVE-2025-30431 | macOS | 5.5 | — | The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Vent… | Jun 11 |
| CVE-2025-46293 | macOS | 5.5 | — | This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app may be ab… | Jun 11 |
| CVE-2025-24268 | macOS | 5.5 | — | A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in m… | Jun 11 |
| CVE-2026-9751 | MongoDB | 5.5 | — | The ldapQueryPassword parameter, when set through the runtime setParameter command, will log the new password to the mon… | Jun 9 |
| CVE-2025-46308 | macOS | 5.3 | — | An authorization issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, ma… | Jun 11 |
🔵 Low CVEs (1)
| CVE | Product | CVSS | KEV | Description | Published |
|---|---|---|---|---|---|
| CVE-2022-48575 | macOS | 3.5 | — | A person with access to a Mac may be able to bypass Login Window. A consistency issue was addressed with improved state … | Jun 10 |