Nosebeard Labs — Security Research

Nosebeard Labs set sail in the early summer of 2024 from Murano — the timeless island of glass and light within the Venetian Lagoon. Our security research is currently primarily focused on Apple.

Press

CVEs

CVE	Platforms	Vendors	Classification	Disclosed Time	Comments
CVE-2024-44206	macOS, iOS, iPadOS, watchOS, tvOS, visionOS	Apple	ST Bypass	2021-03-08	—
CVE-2025-31223	macOS, iOS, iPadOS, watchOS, tvOS, visionOS	Apple	Integer Overflow	2025-01-28	—
CVE-2025-24188	macOS	Apple	UAF	2025-05-05	—
CVE-2025-43223	macOS, iOS, iPadOS, watchOS, tvOS, visionOS	Apple	Proxy Bypass	2025-04-10	—
CVE-2025-43222	macOS, iPadOS	Apple	UAF	2025-04-15	—
CVE-2025-43222	macOS, iPadOS	Apple	UAF	2025-06-05	—
CVE-2025-43526	macOS	Apple	LDM Bypass	2025-05-19	Partial
CVE-2025-43512	macOS	Apple	Root Privilege Escalation	2025-09-25	—
CVE-2025-43513	macOS	Apple	TCC Bypass (FDA)	2025-09-19	—
TBA	macOS	Apple	AB Leak	2025-10-03	—
TBA	macOS	Apple	AB Leak	2025-10-04	—
TBA	macOS	Apple	TCC Bypass	2025-10-13	—
TBA	macOS	Apple	TCC Bypass	2025-10-15	—
TBA	iOS, iPadOS	Apple	TCC Bypass	2025-06-12	—
TBA	macOS	Apple	LPE	2025-10-28	—
TBA	macOS	Apple	Root Privilege Escalation	2025-11-07	—
TBA	macOS	Apple	Root Privilege Escalation	2025-11-20	—

Advisories

Apple web content filter bypass allows unrestricted access to blocked content (macOS/iOS/iPadOS/visionOS/watchOS)

Contact

Nosebeard Labs are Andreas Jaegersberger and Ro Achterberg.

For collaboration or responsible disclosure inquiries:

Reveal email