CVE-2026-28909: Users who connect to malicious registries with hostnames matching the bypass patterns will have their registry credentials exposed in plaintext. in Apple macOS
CVE-2026-28909 is a vulnerability in Apple macOS where users connecting to malicious registries with hostnames that match certain bypass patterns may have their registry credentials exposed in plaintext. This issue affects container version 0.12.1 and is fixed in version 0.12.3. The vulnerability has a CVSS score of 6.5, indicating a medium severity level. There are no known exploits in the wild at this time.
AI Analysis
Technical Summary
This vulnerability allows exposure of registry credentials in plaintext when users connect to malicious registries whose hostnames match specific bypass patterns. It affects Apple macOS container version 0.12.1. The issue is addressed in container version 0.12.3. The CVSS vector indicates the attack can be performed remotely without privileges but requires user interaction, with high confidentiality impact and no impact on integrity or availability.
Potential Impact
Successful exploitation results in the exposure of registry credentials in plaintext, which compromises confidentiality. There is no impact on integrity or availability. The vulnerability requires user interaction and remote network access to a malicious registry with a hostname matching bypass patterns.
Mitigation Recommendations
A fix is available in container version 0.12.3. Users and administrators should upgrade to this version to remediate the vulnerability. Patch status beyond this version is not explicitly stated, so checking the vendor advisory for the latest updates is recommended.
CVE-2026-28909: Users who connect to malicious registries with hostnames matching the bypass patterns will have their registry credentials exposed in plaintext. in Apple macOS
Description
CVE-2026-28909 is a vulnerability in Apple macOS where users connecting to malicious registries with hostnames that match certain bypass patterns may have their registry credentials exposed in plaintext. This issue affects container version 0.12.1 and is fixed in version 0.12.3. The vulnerability has a CVSS score of 6.5, indicating a medium severity level. There are no known exploits in the wild at this time.
CVSS v3.1
Score 6.5medium
Affected software
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability allows exposure of registry credentials in plaintext when users connect to malicious registries whose hostnames match specific bypass patterns. It affects Apple macOS container version 0.12.1. The issue is addressed in container version 0.12.3. The CVSS vector indicates the attack can be performed remotely without privileges but requires user interaction, with high confidentiality impact and no impact on integrity or availability.
Potential Impact
Successful exploitation results in the exposure of registry credentials in plaintext, which compromises confidentiality. There is no impact on integrity or availability. The vulnerability requires user interaction and remote network access to a malicious registry with a hostname matching bypass patterns.
Mitigation Recommendations
A fix is available in container version 0.12.3. Users and administrators should upgrade to this version to remediate the vulnerability. Patch status beyond this version is not explicitly stated, so checking the vendor advisory for the latest updates is recommended.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- apple
- Date Reserved
- 2026-03-03T16:36:03.984Z
- Cvss Version
- null
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69f3d61dcbff5d86109e92eb
Added to database: 4/30/2026, 10:22:21 PM
Last enriched: 5/8/2026, 2:17:42 AM
Last updated: 6/14/2026, 10:21:16 PM
Views: 88
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.