- ACKNOWLEDGE: IOKit - Stack Buffer Overflow in IOFrameMobile Driver
- ACKNOWLEDGE: IOKit - AppleJPEGDriver Kernel Memory Exhaustion / Memory Leak
- ACKNOWLEDGE: Kext Management - Info leak on kext load
- CVE-NONE: Entitlement Bypass & NULL Pointer Dereference in IOMobileFramebuffer
- CVE-2025-64724: Insecure File Permissions in Arduino IDE for macOS
- CVE-2025-64723: TCC Bypass via Dynamic Library Injection in Arduino IDE for macOS
- CVE-2025-14714: TCC Bypass via Inherited Permissions in Bundled Interpreter
- CVE-2025-64897: Local Privilege Escalation due to world-writeable permissions in Adobe ColdFusion
- CVE-2025-10015: TCC Bypass via Downloader XPC Service in Sparkle
- CVE-2025-10016: Local Privilege Escalation in Sparkle Autoupdate Daemon
- CVE-2025-8700: Privilege Escalation via get-task-allow entitlement in Invoice Ninja
- CVE-2025-8597: Privilege Escalation via get-task-allow entitlement in MacVim
- CVE-2025-53813: TCC Bypass via misconfigured Node fuses in Nozbe
- CVE-2025-9190: TCC Bypass via misconfigured Node fuses in Cursor
- CVE-2025-53811: TCC Bypass via misconfigured Node fuses in Mosh-Pro
- CVE-2025-8672: TCC Bypass via Inherited Permissions in Bundled Interpreter in GIMP
- CVE-2025-8533: Incorrect Authorization of XPC Service in Fantastical
- CVE-2025-1413: Local Privilege Escalation due to world-writeable permissions in DaVinci Resolve
- CVE-2025-4081: TCC Bypass via Dylib Injection in DaVinci Resolve
- CVE-2025-2098: Local Privilege Escalation due to world-writeable permissions in Fast CAD Reader
- CC-2390: Local Privilege Escalation due to world-writeable permissions in KeeperChat
- CVE-2025-4280: TCC Bypass via Inherited Permissions in Bundled Interpreter in Poedit.app
- CVE-2025-4412: TCC Bypass via Dylib Injection in Viscosity.app
- CVE-2025-5963: TCC Bypass via Dylib Injection in Postbox
- CVE-2025-5255: TCC Bypass via Dylib Injection in Phoenix Code
- CVE-2024-23739: TCC Bypass via misconfigured Node fuses in Discord
- CVE-2025-22165: Local Privilege Escalation due to world-writeable permissions in Sourcetree
- CVE-2024-24916: DLL HiJacking in SmartConsole for R82
- CVE-2024-24915: Credential Exposure via Memory Dump in SmartConsole
- CVE-2023-1478: Hummingbird < 3.4.2 - Unauthenticated Path Traversal
- CVE-2023-38419: K000133472: BIG-IP and BIG-IQ iControl SOAP vulnerability
- CVE-2023-38138: K000133474: BIG-IP Configuration utility vulnerability
- CVE-2025-22270: Stored XSS in CyberArk Endpoint Privilege Manager
- CVE-2025-22271: IP Spoofing in CyberArk Endpoint Privilege Manager
- CVE-2025-22272: Self Reflected XSS in CyberArk Endpoint Privilege Manager
- CVE-2025-22273: Lack of rate-limiting in password change mechanism in CyberArk Endpoint Privilege Manager
- CVE-2025-22274: HTML injection in CyberArk Endpoint Privilege Manager