{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-28909","assignerOrgId":"286789f9-fbc2-4510-9f9a-43facdede74c","state":"PUBLISHED","assignerShortName":"apple","dateReserved":"2026-03-03T16:36:03.984Z","datePublished":"2026-04-30T22:00:01.545Z","dateUpdated":"2026-05-01T13:57:11.662Z"},"containers":{"cna":{"problemTypes":[{"descriptions":[{"lang":"en","description":"Users who connect to malicious registries with hostnames matching the bypass patterns will have their registry credentials exposed in plaintext."}]}],"affected":[{"vendor":"Apple","product":"macOS","versions":[{"version":"0.12.1","status":"affected","lessThan":"0.12.3","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"Users who connect to malicious registries with hostnames matching the bypass patterns will have their registry credentials exposed in plaintext. This issue is fixed in container version 0.12.3."}],"references":[{"url":"https://github.com/apple/container/security/advisories/GHSA-m5rp-xcpf-r8m7"}],"providerMetadata":{"orgId":"286789f9-fbc2-4510-9f9a-43facdede74c","shortName":"apple","dateUpdated":"2026-04-30T22:00:01.545Z"}},"adp":[{"problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-522","lang":"en","description":"CWE-522 Insufficiently Protected Credentials"}]}],"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":6.5,"attackVector":"NETWORK","baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","integrityImpact":"NONE","userInteraction":"REQUIRED","attackComplexity":"LOW","availabilityImpact":"NONE","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"timestamp":"2026-05-01T13:56:29.585092Z","id":"CVE-2026-28909","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-05-01T13:57:11.662Z"}}]}}