Apple released updates for macOS Tahoe on May 11 2026 addressing CVE-2026-28952 an out-of-bounds read in the kernel. https://support.apple.com/en-us/127115 states an out-of-bounds read was addressed with improved bounds checking. https://support.apple.com/en-us/127115 lists 15 additional CVEs fixed in the same release including CVE-2026-28991 and CVE-2026-28988. https://support.apple.com/en-us/127115 provides no discoverer attribution for CVE-2026-28952. Prior Apple advisories such as those covering CVE-2023-32434 followed identical non-attribution practice for kernel issues. https://cve.org/CVERecord?id=CVE-2026-28952 records the vulnerability as assigned by a third party with impact limited to denial-of-service.