iPadOS Apple iPadOS Apple iPad Operating System

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Apple iPadOS.

Recent Apple iPadOS Security Advisories

Advisory Title Published
127594 iOS 26.5.2 and iPadOS 26.5.2 - Apple Security Content June 29, 2026
127111 iOS 18.7.9 and iPadOS 18.7.9 - Apple Security Content May 11, 2026
127113 iOS 16.7.16 and iPadOS 16.7.16 - Apple Security Content May 11, 2026
127112 iPadOS 17.7.11 - Apple Security Content May 11, 2026
127114 iOS 15.8.8 and iPadOS 15.8.8 - Apple Security Content May 11, 2026
127110 iOS 26.5 and iPadOS 26.5 - Apple Security Content May 11, 2026
127002 iOS 26.4.2 and iPadOS 26.4.2 - Apple Security Content April 22, 2026
127003 iOS 18.7.8 and iPadOS 18.7.8 - Apple Security Content April 22, 2026
126793 iOS 18.7.7 and iPadOS 18.7.7 - Apple Security Content March 24, 2026
126792 iOS 26.4 and iPadOS 26.4 - Apple Security Content March 24, 2026

EOL Dates

Ensure that you are using a supported version of Apple iPadOS. Here are some end of life, and end of support dates for Apple iPadOS.

Release EOL Date Status
26 -
Active

18 -
Active

17 September 15, 2025
EOL

Apple iPadOS 17 became EOL in 2025 and supported ended in 2024

16 March 31, 2025
EOL

Apple iPadOS 16 became EOL in 2025 and supported ended in 2023

15 March 31, 2025
EOL

Apple iPadOS 15 became EOL in 2025 and supported ended in 2022

14 October 1, 2021
EOL

Apple iPadOS 14 became EOL in 2021 and supported ended in 2021

13 September 16, 2020
EOL

Apple iPadOS 13 became EOL in 2020 and supported ended in 2020

12 September 24, 2019
EOL

Apple iPadOS 12 became EOL in 2019 and supported ended in 2019

By the Year

In 2026 there have been 199 vulnerabilities in Apple iPadOS with an average score of 6.6 out of ten. Last year, in 2025 iPadOS had 362 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in iPadOS in 2026 could surpass last years number. However, the average CVE base score of the vulnerabilities in 2026 is greater by 0.08.




Year Vulnerabilities Average Score
2026 199 6.62
2025 362 6.54
2024 292 6.28
2023 267 6.79
2022 215 7.18
2021 336 6.91
2020 231 7.06
2019 34 5.30

It may take a day or so for new iPadOS vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Apple iPadOS Security Vulnerabilities

Apple Safari 26.5.1 Cross-Origin Info Leak
CVE-2026-43700 6.5 - Medium - June 29, 2026

A cross-origin issue was addressed with improved tracking of security origins. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may disclose sensitive user information.

Origin Validation Error

Safari 26.5.2 Crash via Malicious Web Content, Fixed
CVE-2026-43716 6.5 - Medium - June 29, 2026

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Dangling pointer

Safari use-after-free CVE-2026-43720 fixed in Safari 26.5.2
CVE-2026-43720 6.5 - Medium - June 29, 2026

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Dangling pointer

Kernel Mem Corruption via Input Validation in Apple iOS/iPadOS/macOS 26.5.2 - Fixed
CVE-2026-39868 9.1 - Critical - June 29, 2026

This issue was addressed with improved input validation. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. An app may be able to cause unexpected system termination or corrupt kernel memory.

Improper Input Validation

Clipboard Hijack in Safari 26.5.2 (iOS/macOS)
CVE-2026-43721 6.5 - Medium - June 29, 2026

This issue was addressed through improved state management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may be able to silently hijack clipboard data.

Incorrect Permission Assignment for Critical Resource

Apple Safari 26.5.2: Memory Handling Crash with Malicious Web Content
CVE-2026-39872 6.5 - Medium - June 29, 2026

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.

Dangling pointer

Apple Safari 26.5.2 UAF Crash via Malformed Web Content
CVE-2026-43717 6.5 - Medium - June 29, 2026

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Dangling pointer

Apple Safari 26.5.2 Memory Disclosure via Malicious Web Content
CVE-2026-43740 6.5 - Medium - June 29, 2026

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may result in the disclosure of process memory.

Dangling pointer

Apple Safari/iOS Sandbox Bypass via Malicious Site (fixed in 26.5.2)
CVE-2026-43701 7.1 - High - June 29, 2026

The issue was addressed with improved checks. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may be able to process restricted web content outside the sandbox.

Authorization

Safari Mem Corruption Crash <26.5.2
CVE-2026-43663 6.5 - Medium - June 29, 2026

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.

Dangling pointer

Use-After-Free in Safari 26.5.2 Causing Crash
CVE-2026-43726 6.5 - Medium - June 29, 2026

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.

Dangling pointer

Apple iOS/iPadOS/macOS double free bug in web content 26.5.2
CVE-2026-43706 6.5 - Medium - June 29, 2026

A double free issue was addressed with improved memory management. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.

Double-free

Apple Safari 26.5.2 Use-After-Free Crash
CVE-2026-43746 6.5 - Medium - June 29, 2026

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Dangling pointer

Safari 26.5.2 Memory Corruption Fix: Crash from Malicious Web Content
CVE-2026-43707 6.5 - Medium - June 29, 2026

A memory corruption issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.

Buffer Overflow

Use-After-Free Crash in Safari, iOS/iPadOS/macOS, Fixed in 26.5.2
CVE-2026-43727 6.5 - Medium - June 29, 2026

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Dangling pointer

Apple Safari <26.5.2: UAF in Web Content (fixed v26.5.2)
CVE-2026-43731 8.8 - High - June 29, 2026

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to memory corruption.

Dangling pointer

Kernel memory write in Apple OS 26.5.2 (iOS, iPadOS, macOS)
CVE-2026-43724 7.8 - High - June 29, 2026

The issue was addressed with improved input sanitization. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. An app may be able to cause unexpected system termination or write kernel memory.

Improper Input Validation

Safari Path Handling Disclosure Vulnerability Fixed 26.5.2
CVE-2026-43732 6.5 - Medium - June 29, 2026

A path handling issue was addressed with improved validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may disclose sensitive user information.

Directory traversal

CVE-2026-43708 Safari <26.5.2 cross-origin data exfiltration
CVE-2026-43708 4.3 - Medium - June 29, 2026

The issue was addressed with improved input validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may exfiltrate data cross-origin.

Improper Input Validation

Apple Safari Crash via Malicious Web Content, Fixed in 26.5.2
CVE-2026-43712 6.5 - Medium - June 29, 2026

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.

Memory Corruption

Out-of-Bounds Write Leading to Safari Crash (pre-26.5.2)
CVE-2026-43745 6.5 - Medium - June 29, 2026

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Memory Corruption

Apple Safari 26.5.2 Use-After-Free in Web Extension Causing Crash
CVE-2026-43704 5.3 - Medium - June 29, 2026

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious web extension may be able to cause an unexpected process crash.

Dangling pointer

Safari & iOS Type Confusion Memory Corruption Fixed in 26.5.2
CVE-2026-43705 8.8 - High - June 29, 2026

A type confusion issue was addressed with improved checks. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to memory corruption.

Object Type Confusion

Safari/iOS/iPadOS Permissions Leak, fixed in 26.5.2
CVE-2026-43713 6.5 - Medium - June 29, 2026

A permissions issue was addressed with additional restrictions. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Visiting a website may leak sensitive data.

Authorization

Safari UAF Crash Fixed in 26.5.2
CVE-2026-43709 6.5 - Medium - June 29, 2026

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.

Dangling pointer

Apple Safari UAF in 26.5.2: Crash via Malicious Web Content
CVE-2026-43699 6.5 - Medium - June 29, 2026

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.

Dangling pointer

Safari OOB Crash (v26.5.2) Boundscheck Fix
CVE-2026-43676 6.5 - Medium - June 29, 2026

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Out-of-bounds Read

Apple Safari 26.5.2: Sandbox Escape via Input Validation
CVE-2026-43725 7.1 - High - June 29, 2026

The issue was addressed with improved input validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may be able to process restricted web content outside the sandbox.

Improper Input Validation

Race Condition in Apple OS (iOS 26.5.2/iPadOS 26.5.2/macOS Tahoe) Crash
CVE-2026-43743 4.7 - Medium - June 29, 2026

A race condition was addressed with improved state handling. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. An app may be able to cause unexpected system termination.

Race Condition

Kernel State Leak from Improper Sanitization in Apple iOS/macOS 26.5.2
CVE-2026-43722 5.5 - Medium - June 29, 2026

The issue was addressed with improved input sanitization. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. An app may be able to leak sensitive kernel state.

Improper Input Validation

Apple Safari stack overflow via malformed web content (pre-26.5.2)
CVE-2026-43718 6.5 - Medium - June 29, 2026

A stack overflow was addressed with improved input validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Stack Overflow

Safari UA-FREE CVE-2026-43734 fixed in 26.5.2
CVE-2026-43734 6.5 - Medium - June 29, 2026

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.

Dangling pointer

Apple Safari/iOS/iPadOS/macOS Tahoe OOB Access (Fixed 26.5.2)
CVE-2026-28979 6.5 - Medium - June 29, 2026

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.

Out-of-bounds Read

Apple Safari Cross-Origin Data Exfil - Fixed in 26.5.2
CVE-2026-43735 8.1 - High - June 29, 2026

The issue was addressed with improved checks. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may exfiltrate data cross-origin.

Session Riding

Apple WebKit <=26.5.2 Crash via Malformed Web Content
CVE-2026-43703 6.5 - Medium - June 29, 2026

The issue was addressed with improved memory handling. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.

Out-of-bounds Read

Safari UAF vulnerability; fixed in Safari 26.5.2
CVE-2026-43742 6.5 - Medium - June 29, 2026

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.

Dangling pointer

Use-After-Free in Apple Safari <26.5.2 (memory corruption)
CVE-2026-43715 8.8 - High - June 29, 2026

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to memory corruption.

Dangling pointer

iOS/iPadOS resource exhaustion (CVE-2026-28872) fixed in 18.7.9/26.4
CVE-2026-28872 7.5 - High - May 11, 2026

A resource exhaustion issue was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.4 and iPadOS 26.4. A remote attacker may be able to cause a denial-of-service.

Resource Exhaustion

Apple iOS/macOS/tvOS Local Network DoS via Memory Handling
CVE-2026-43653 6.2 - Medium - May 11, 2026

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5. An attacker on the local network may be able to cause a denial-of-service.

Resource Exhaustion

Apple iOS 26.5/iPadOS 26.5 Sandbox Escape via Logic Error
CVE-2026-28995 8.8 - High - May 11, 2026

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. A malicious app may be able to break out of its sandbox.

Improper Privilege Management

Apple OS Type Confusion (CVE-2026-28983) Remote DoS (fixed iOS 18.7.9)
CVE-2026-28983 7.5 - High - May 11, 2026

A type confusion issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. A remote attacker may be able to cause a denial of service.

Object Type Confusion

Apple iOS/iPadOS Mem Corrupt from Malicious Image (fixed 18.7.9)
CVE-2026-28940 8.8 - High - May 11, 2026

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5. Processing a maliciously crafted image may corrupt process memory.

Buffer Overflow

Apple iOS Updated 18.7.9 Prevents Crash from Malicious Web Content
CVE-2026-28917 4.3 - Medium - May 11, 2026

The issue was addressed with improved input validation. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash.

Improper Input Validation

Apple OS iOS 18.7.9 Crash via Malicious Audio Stream
CVE-2026-39869 4.3 - Medium - May 11, 2026

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing an audio stream in a maliciously crafted media file may terminate the process.

Classic Buffer Overflow

Apple WebKit Memory Crash via Crafted Web Content - fixed in 26.5
CVE-2026-28901 8.8 - High - May 11, 2026

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash.

Buffer Overflow

Apple Media Codec Memory Corruption in iOS/macOS prior 26.5
CVE-2026-28956 6.5 - Medium - May 11, 2026

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.

Out-of-bounds Read

Apple iOS/macOS File Parser DoS / Mem Disclosure (fixed iOS18.7.9, macOS15.7.7)
CVE-2026-28941 7.1 - High - May 11, 2026

The issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Tahoe 26.5. Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents.

Buffer Overflow

Apple iOS/iPadOS Camera Metadata Leak Enables Capture (pre 18.7.9/26.5)
CVE-2026-28957 3.3 - Low - May 11, 2026

An issue with app access to camera metadata was addressed with improved logic. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, visionOS 26.5. An app may be able to capture a user's screen.

Authorization

Apple WiFi Use-After-Free DoS fixed iOS 18.7.9 / macOS 15.7.7
CVE-2026-28994 5.3 - Medium - May 11, 2026

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An attacker in a privileged network position may be able to perform denial-of-service attack using crafted Wi-Fi packets.

Dangling pointer

Use-After-Free in Apple OS Kernels (iOS 18.7.9+, macOS 15.7.7+)
CVE-2026-43668 7.5 - High - May 11, 2026

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.

Dangling pointer

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Apple iPadOS or by Apple? Click the Watch button to subscribe.

Apple
Vendor

Apple iPadOS
Apple iPad Operating System

subscribe