{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-28815", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2026-03-03T16:36:03.967Z", "datePublished": "2026-04-03T01:32:28.999Z", "dateUpdated": "2026-04-03T13:39:46.737Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "A remote attacker can supply a short X-Wing HPKE encapsulated key and trigger an out-of-bounds read in the C decapsulation path, potentially causing a crash or memory disclosure depending on runtime protections."}]}], "affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"version": "4.0.0", "status": "affected", "lessThan": "4.3.1", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A remote attacker can supply a short X-Wing HPKE encapsulated key and trigger an out-of-bounds read in the C decapsulation path, potentially causing a crash or memory disclosure depending on runtime protections. This issue is fixed in swift-crypto version 4.3.1."}], "references": [{"url": "https://github.com/apple/swift-crypto/security/advisories/GHSA-9m44-rr2w-ppp7"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-04-03T01:32:59.037Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-125", "lang": "en", "description": "CWE-125 Out-of-bounds Read"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-03T13:39:01.280550Z", "id": "CVE-2026-28815", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-03T13:39:46.737Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-28815", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-03T13:39:01.280550Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-03T13:39:13.993Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "4.0.0", "lessThan": "4.3.1", "versionType": "custom"}]}], "references": [{"url": "https://github.com/apple/swift-crypto/security/advisories/GHSA-9m44-rr2w-ppp7"}], "descriptions": [{"lang": "en", "value": "A remote attacker can supply a short X-Wing HPKE encapsulated key and trigger an out-of-bounds read in the C decapsulation path, potentially causing a crash or memory disclosure depending on runtime protections. This issue is fixed in swift-crypto version 4.3.1."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "A remote attacker can supply a short X-Wing HPKE encapsulated key and trigger an out-of-bounds read in the C decapsulation path, potentially causing a crash or memory disclosure depending on runtime protections."}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-04-03T01:32:59.037Z"}}}, "cveMetadata": {"cveId": "CVE-2026-28815", "state": "PUBLISHED", "dateUpdated": "2026-04-03T13:39:46.737Z", "dateReserved": "2026-03-03T16:36:03.967Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2026-04-03T01:32:28.999Z", "assignerShortName": "apple"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A remote attacker can supply a short X-Wing HPKE encapsulated key and trigger an out-of-bounds read in the C decapsulation path, potentially causing a crash or memory disclosure depending on runtime protections. This issue is fixed in swift-crypto version 4.3.1."}], "id": "CVE-2026-28815", "lastModified": "2026-04-03T16:10:23.730", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-04-03T03:16:18.093", "references": [{"source": "product-security@apple.com", "url": "https://github.com/apple/swift-crypto/security/advisories/GHSA-9m44-rr2w-ppp7"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[4.0.0,4.3.1)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "macOS", "source": "cna", "vendor": "Apple"}, "product": "macos", "vendor": "apple"}], "analysis": {"en": {"generated_at": "2026-04-03T05:20:44.651329+00:00", "value": {"mitigation_remediation": ["Upgrade Swift\u00a0Crypto to version\u00a04.3.1 or later"], "summary": {"action": "Immediate Patch", "impact": "Potential memory disclosure or crash"}, "threat_synthesis": {"affected_systems": "Apple macOS systems that include the Swift\u00a0Crypto library, specifically versions earlier than 4.3.1. The vulnerability is resolved in Swift\u00a0Crypto 4.3.1 and later.", "description_and_impact": "An out\u2011of\u2011bounds read occurs during the HPKE decapsulation path in Swift\u00a0Crypto when a remote attacker supplies a short X\u2011Wing encapsulated key. The exploit can trigger a crash or, if the operating system\u2019s memory protections are bypassed, disclose memory content. The attack vector is inferred to be remote, requiring the attacker to send a crafted key over the network to the vulnerable process.", "risk_and_exploitability": "No EPSS score is publicly available and the vulnerability is not listed in the CISA KEV catalog, so the probability of exploitation is uncertain. However, the potential impact\u2014a crash or memory disclosure\u2014means that any deployment using this library should treat it as high risk. Once the attacker can deliver the malformed key, the vulnerability can be triggered without additional privileged access."}}}}, "created": "2026-04-03T07:31:13.631132+00:00", "title": "Out\u2011of\u2011Bounds Read in Swift\u00a0Crypto HPKE Decapsulation", "updated": "2026-04-03T09:16:01.289565+00:00", "vendors": ["apple", "apple$PRODUCT$macos"], "weaknesses": ["CWE-125", "CWE-200"]}