CVE-2026-49269

Apple M1 GPUs retain register file data between compute shader dispatches from different processes. A sandboxed Metal attacker app can run a GPU reader shader that reads stale register values left by a separate sandboxed victim app. In the proof of concept, GPUVictim.app generates a fresh random 128-bit secret using SecRandomCopyBytes and loads it into GPU registers. GPUAttacker.app, a separate sandboxed app, recovers the exact secret from stale GPU register state. NOTE: The vendor stated that this behavior affects only legacy hardware and has already been addressed at the hardware level in current-generation Apple Silicon.
Configurations

No configuration.

History

24 Jun 2026, 17:17

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 8.6
CWE CWE-200

24 Jun 2026, 16:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-06-24 16:16

Updated : 2026-06-25 19:14


NVD link : CVE-2026-49269

Mitre link : CVE-2026-49269

CVE.ORG link : CVE-2026-49269


JSON object : View

Products Affected

No product.

CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor