CVE-2024-44286EXPLOITEDPATCHED

apple · macos

CVE-2024-44286: This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.1. An attacker with

Description

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.1. An attacker with physical access can input keyboard events to apps running on a locked device.

Affected Products

Vendor	Product	Versions
apple	macos	0, 15.0

References

https://support.apple.com/en-us/121564

Related News (1 articles)

Tier C

VulDB4d ago

CVE-2024-44286 | Apple macOS up to 15.0 Keyboard Event state issue

→ No new info (linked only)

CVSS 3.17.5 HIGH

VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

15.1

PublishedApr 2, 2026

Last enriched4d agov2

Trending Score27

Source articles1

Independent1

Info Completeness8/14

Missing: epss, cwe, kev, exploit, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2025-43202EXP

CVE-2025-43202: This issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 1

Trending: 66

HIGHCVE-2025-43210EXP

CVE-2025-43210: An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.6 and iPadOS 18

Trending: 58

HIGHCVE-2026-20700EXPKEV

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An attacker with memo

Trending: 47

CRITICALCVE-2024-44219EXP

CVE-2024-44219: A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. A malicious a

Trending: 29

HIGHCVE-2024-40849EXP

CVE-2024-40849: A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.1. An app may be able

Trending: 27

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 2, 2026

Discovered by ZDM

Apr 2, 2026

Actively Exploited

Apr 2, 2026

Patch Available

Apr 2, 2026

Updated: affectedVersions, activelyExploited

Apr 2, 2026

Version History

Last enriched 4d ago

v2Tier C4d ago

Updated affected versions to include 15.0, marked as actively exploited, and corrected exploit availability to false.

affectedVersionsactivelyExploited

via VulDB

v14d ago

Initial creation