MDR
Solutions
Partners
About
Resources
iOS, iPadOS (versions 15–26), macOS (Sonoma, Sequoia, Tahoe), tvOS, watchOS, and visionOS across all supported Apple devices.
Extensive set of CVEs enabling DoS, sandbox escapes, kernel memory disclosure, privilege escalation, data exposure, and process crashes.
Disclosed 12 May 2026; auto-update available; classified as Informative Cyber Alert covering medium/low severity vulnerabilities.
App sandbox, kernel, WebKit web content rendering, local network interfaces, Wi-Fi stack, and physical device access vectors.
Memory corruption, out-of-bounds reads/writes, use-after-free, improper authorisation, protection mechanism failures, and missing input validation.
Malicious apps, crafted media/image/web content, local network packets, or physical device access trigger vulnerable code paths.
Exploitation may allow DoS, sandbox escapes, kernel memory disclosure, privilege escalation, and arbitrary code execution on Apple devices.
Broad impact across all Apple platforms including iOS, macOS, tvOS, watchOS, and visionOS; auto-update limits severity classification.
Update all Apple devices to latest OS releases: iOS/iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5, and visionOS 26.5.
Enforce timely OS updates across all Apple device fleet; apply least privilege and restrict physical access to locked devices.
Apple Security Updates: support.apple.com advisories 127110–127120 covering all platform releases. Multiple CVEs across CVE-2026-28xxx and CVE-2026-43xxx series.
Trusted by clients worldwide
Led by human expertise and powered by the VisionX platform, we provide you with a 24/7 unbeatable Managed Detection & Response capability giving you transparent and consolidated security solutions.
.jpg)