CVE-2026-49269: n/a
Apple M1 GPUs retain register file data between compute shader dispatches from different processes. A sandboxed Metal attacker app can run a GPU reader shader that reads stale register values left by a separate sandboxed victim app. In the proof of concept, GPUVictim.app generates a fresh random 128-bit secret using SecRandomCopyBytes and loads it into GPU registers. GPUAttacker.app, a separate sandboxed app, recovers the exact secret from stale GPU register state. NOTE: The vendor stated that this behavior affects only legacy hardware and has already been addressed at the hardware level in current-generation Apple Silicon.
AI Analysis
Technical Summary
CVE-2026-49269 describes a vulnerability in Apple M1 GPUs where register file data is retained between compute shader dispatches across different sandboxed processes. This allows a malicious Metal app to read stale GPU register values left by another sandboxed app, leading to potential leakage of sensitive information such as a 128-bit secret generated by the victim app. The issue is limited to legacy hardware and has been resolved in newer Apple Silicon hardware at the hardware level. No software patch or remediation level is currently documented.
Potential Impact
The vulnerability can lead to information disclosure between sandboxed applications on affected legacy Apple M1 GPU hardware. Specifically, sensitive data stored in GPU registers by one app can be read by another app, violating process isolation and confidentiality. There is no indication of broader system compromise or code execution from the provided data.
Mitigation Recommendations
The vendor has indicated that this vulnerability affects only legacy hardware and has been addressed at the hardware level in current-generation Apple Silicon devices. No software patch or official remediation is documented. Users should upgrade to current-generation Apple Silicon hardware to mitigate this issue. For legacy hardware, no specific mitigation guidance is provided in the available data. Patch status is not yet confirmed — check the vendor advisory for current remediation guidance.
CVE-2026-49269: n/a
Description
Apple M1 GPUs retain register file data between compute shader dispatches from different processes. A sandboxed Metal attacker app can run a GPU reader shader that reads stale register values left by a separate sandboxed victim app. In the proof of concept, GPUVictim.app generates a fresh random 128-bit secret using SecRandomCopyBytes and loads it into GPU registers. GPUAttacker.app, a separate sandboxed app, recovers the exact secret from stale GPU register state. NOTE: The vendor stated that this behavior affects only legacy hardware and has already been addressed at the hardware level in current-generation Apple Silicon.
CVSS v3.1
Score 8.6high
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-49269 describes a vulnerability in Apple M1 GPUs where register file data is retained between compute shader dispatches across different sandboxed processes. This allows a malicious Metal app to read stale GPU register values left by another sandboxed app, leading to potential leakage of sensitive information such as a 128-bit secret generated by the victim app. The issue is limited to legacy hardware and has been resolved in newer Apple Silicon hardware at the hardware level. No software patch or remediation level is currently documented.
Potential Impact
The vulnerability can lead to information disclosure between sandboxed applications on affected legacy Apple M1 GPU hardware. Specifically, sensitive data stored in GPU registers by one app can be read by another app, violating process isolation and confidentiality. There is no indication of broader system compromise or code execution from the provided data.
Mitigation Recommendations
The vendor has indicated that this vulnerability affects only legacy hardware and has been addressed at the hardware level in current-generation Apple Silicon devices. No software patch or official remediation is documented. Users should upgrade to current-generation Apple Silicon hardware to mitigate this issue. For legacy hardware, no specific mitigation guidance is provided in the available data. Patch status is not yet confirmed — check the vendor advisory for current remediation guidance.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- mitre
- Date Reserved
- 2026-05-28T00:00:00.000Z
- Cvss Version
- null
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a3bfa2beed863c81e0bc509
Added to database: 06/24/2026, 15:39:23 UTC
Last enriched: 06/24/2026, 15:55:24 UTC
Last updated: 06/24/2026, 19:07:51 UTC
Views: 5
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.