Apple tvOS (Apple TV Operating System)


Recent Apple tvOS Security Advisories

Advisory | Title | Published
127118 | tvOS 26.5 - Apple Security Content | May 11, 2026
126797 | tvOS 26.4 - Apple Security Content | March 24, 2026
126351 | tvOS 26.3 - Apple Security Content | February 11, 2026
125889 | tvOS 26.2 - Apple Security Content | December 12, 2025
125637 | tvOS 26.1 - Apple Security Content | November 3, 2025
125114 | tvOS 26 - Apple Security Content | September 15, 2025
124153 | tvOS 18.6 - Apple Security Content | July 29, 2025
122720 | tvOS 18.5 - Apple Security Content | May 12, 2025
122401 | tvOS 18.4.1 - Apple Security Content | April 16, 2025
122377 | tvOS 18.4 - Apple Security Content | March 31, 2025

Apple tvOS EOL Dates

Ensure that you are using a supported version of Apple tvOS. Here are some end-of-life and end-of-support dates for Apple tvOS.

Release | EOL Date | Status
26 | - | Active
18 | September 15, 2025 | EOL
17 | September 16, 2024 | EOL
16 | September 18, 2023 | EOL
15 | September 12, 2022 | EOL
14 | September 20, 2021 | EOL
13 | September 16, 2020 | EOL
12 | September 24, 2019 | EOL
11 | September 17, 2018 | EOL
10 | September 19, 2017 | EOL
9 | September 13, 2016 | EOL

By the Year

In 2026 there have been 86 vulnerabilities in Apple tvOS, with an average score of 6.5 out of ten. Last year, in 2025, tvOS had 207 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that the number of security vulnerabilities in tvOS in 2026 could surpass last year's number. Last year, the average CVE base score was greater by 0.25.

Year | Vulnerabilities | Average Score
2026 | 86 | 6.46
2025 | 207 | 6.71
2024 | 152 | 6.76
2023 | 133 | 7.00
2022 | 145 | 7.38
2021 | 242 | 7.15
2020 | 216 | 7.49
2019 | 262 | 7.91
2018 | 67 | 7.81

It may take a day or so for new tvOS vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Apple tvOS Security Vulnerabilities

Apple iOS/macOS/tvOS Local Network DoS via Memory Handling
CVE-2026-43653 6.2 - Medium - May 11, 2026

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5. An attacker on the local network may be able to cause a denial-of-service.

Resource Exhaustion

Apple OS Type Confusion (CVE-2026-28983) Remote DoS (fixed iOS 18.7.9)
CVE-2026-28983 7.5 - High - May 11, 2026

A type confusion issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. A remote attacker may be able to cause a denial of service.

Object Type Confusion

Apple iOS 26.5/iPadOS 26.5 Sandbox Escape via Logic Error
CVE-2026-28995 8.8 - High - May 11, 2026

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. A malicious app may be able to break out of its sandbox.

Improper Privilege Management

Apple iOS/iPadOS Mem Corrupt from Malicious Image (fixed 18.7.9)
CVE-2026-28940 7.5 - High - May 11, 2026

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5. Processing a maliciously crafted image may corrupt process memory.

Buffer Overflow

Apple iOS Updated 18.7.9 Prevents Crash from Malicious Web Content
CVE-2026-28917 4.3 - Medium - May 11, 2026

The issue was addressed with improved input validation. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash.

Improper Input Validation

Apple OS iOS 18.7.9 Crash via Malicious Audio Stream
CVE-2026-39869 4.3 - Medium - May 11, 2026

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing an audio stream in a maliciously crafted media file may terminate the process.

Classic Buffer Overflow

Apple WebKit Memory Crash via Crafted Web Content - fixed in 26.5
CVE-2026-28901 4.3 - Medium - May 11, 2026

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash.

Buffer Overflow

Apple Media Codec Memory Corruption in iOS/macOS prior 26.5
CVE-2026-28956 6.5 - Medium - May 11, 2026

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.

Out-of-bounds Read

Apple WiFi Use-After-Free DoS fixed iOS 18.7.9 / macOS 15.7.7
CVE-2026-28994 5.3 - Medium - May 11, 2026

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An attacker in a privileged network position may be able to perform a denial-of-service attack using crafted Wi-Fi packets.

Dangling pointer

Use-After-Free in Apple OS Kernels (iOS 18.7.9+, macOS 15.7.7+)
CVE-2026-43668 7.5 - High - May 11, 2026

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.

Dangling pointer

iOS/macOS tvOS Bypass Bounds Check Crash - Fixed in 18.7.9, 26.5
CVE-2026-28977 6.2 - Medium - May 11, 2026

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing a maliciously crafted file may lead to unexpected app termination.

Buffer Overflow

Apple Safari/WebKit Info Leak via Malicious Site Fixed iOS 26.5, macOS 15.7
CVE-2026-28920 6.5 - Medium - May 11, 2026

An information leakage was addressed with additional validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Visiting a maliciously crafted website may leak sensitive data.

Information Disclosure

Apple OS 26.5 Null Ptr Deref Local DoS
CVE-2026-28985 6.2 - Medium - May 11, 2026

A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5. An attacker on the local network may be able to cause a denial-of-service.

NULL Pointer Dereference

Apple OS Kernel Buffer Overflow Fixed in iOS 18.7.9/Sequoia 15.7.7
CVE-2026-28897 6.2 - Medium - May 11, 2026

A buffer overflow was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. A local user may be able to cause unexpected system termination or read kernel memory.

Stack Overflow

CSP bypass in Apple OS 26.5 (iOS, iPadOS, macOS, tvOS, visionOS, watchOS)
CVE-2026-28907 8.1 - High - May 11, 2026

The issue was addressed with improved input validation. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.

Output Sanitization

Apple OS Out-of-Bounds Read (Fixed in 26.5)
CVE-2026-43655 7.3 - High - May 11, 2026

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to cause unexpected system termination or read kernel memory.

Out-of-bounds Read

Apple OS Kernel Mem Disclosure via App (fixed iOS 18.7.9+; macOS 15.7.7+)
CVE-2026-43654 - May 11, 2026

The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to disclose kernel memory.

Apple Safari: UAF Crash Vulnerability Fixed in 26.5
CVE-2026-28947 8.8 - High - May 11, 2026

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Dangling pointer

Apple OS memory corruption (fixed iOS 18.7.9, macOS 15.7.7)
CVE-2026-28992 4.7 - Medium - May 11, 2026

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An attacker may be able to cause unexpected app termination.

Race Condition

Apple Safari 26.5 Crash via Malicious Web Content
CVE-2026-43658 7.5 - High - May 11, 2026

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Buffer Overflow

WebKit Crash via WebContent (iOS/iPadOS <26.5, macOS/tvOS/visionOS <26.5)
CVE-2026-28905 7.5 - High - May 11, 2026

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash.

Buffer Overflow

Apple iOS 26.5 Buffer Overflow via Malicious Image Processing
CVE-2026-43661 7.5 - High - May 11, 2026

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. Processing a maliciously crafted image may corrupt process memory.

Stack Overflow

Apple OS 26.5: Unexpected Process Crash via Malicious Web Content (Fix)
CVE-2026-28913 7.5 - High - May 11, 2026

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash.

Buffer Overflow

Apple OS Logging Leak (kernel state) pre iOS 18.7.9 / macOS 14.8.7
CVE-2026-28987 7.5 - High - May 11, 2026

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to leak sensitive kernel state.

Insertion of Sensitive Information into Log File

Apple OSes: OOB Read DoS Before 26.5 (Fixed in 26.5)
CVE-2026-28991 7.5 - High - May 11, 2026

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to cause a denial-of-service.

Out-of-bounds Read

Apple iOS/macOS 26.5 Use-After-Free in Web Rendering
CVE-2026-28883 7.5 - High - May 11, 2026

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash.

Dangling pointer

Apple OS Kernel OOB Write (iOS 18.7.9/iPadOS 18.7.9, macOS 15.7.7)
CVE-2026-28972 6.5 - Medium - May 11, 2026

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to cause unexpected system termination or write kernel memory.

Memory Corruption

Apple Keychain State Modification Local Attack (CVE-2026-28860)
CVE-2026-28860 7.5 - High - May 11, 2026

The issue was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A local attacker may be able to modify the state of the Keychain.

Improper Input Validation

Apple OS Image Processing Memory Corruption (iOS 26.5, macOS Sequoia 15.7.7)
CVE-2026-28990 7.5 - High - May 11, 2026

The issue was addressed with improved memory handling. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing a maliciously crafted image may corrupt process memory.

Buffer Overflow

Race Condition in Apple OS Leads to Unexpected Termination (fixed iOS 18.7.9)
CVE-2026-28986 7.5 - High - May 11, 2026

A race condition was addressed with additional validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to cause unexpected system termination.

Race Condition

Apple iOS Use-After-Free Pre-18.7.9
CVE-2026-28969 7.5 - High - May 11, 2026

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to cause unexpected system termination.

Dangling pointer

Apple WebKit CSP Bypass before 26.5 (iOS 18.7.9, macOS 26.5)
CVE-2026-43660 7.5 - High - May 11, 2026

A validation issue was addressed with improved logic. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.

Protection Mechanism Failure

Apple WebKit MemCorrupt Crash (CVE-2026-28904) fixed iOS 18.7.9+
CVE-2026-28904 7.5 - High - May 11, 2026

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash.

Buffer Overflow

Apple iOS Memory Crash CVE-2026-28953 Fixed in 18.7.9
CVE-2026-28953 7.5 - High - May 11, 2026

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash.

Buffer Overflow

Apple OS DoS via App (before 26.5)
CVE-2026-28974 7.5 - High - May 11, 2026

This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to cause a denial-of-service.

Authorization

Apple iOS/iPadOS macOS Memory Crash CVE-2026-28903
CVE-2026-28903 6.5 - Medium - May 11, 2026

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash.

Buffer Overflow

Apple iOS/macOS Buffer Overflow Causing App Termination (fixed in 18.7.9, 15.7.7)
CVE-2026-28846 7.5 - High - May 11, 2026

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. A remote attacker may be able to cause unexpected app termination.

Stack Overflow

Safari UAF bug fixed in 26.5 via improved memory mgmt
CVE-2026-28942 6.5 - Medium - May 11, 2026

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Dangling pointer

Apple OS Race Condition Exposing Sensitive Data (fixed iOS 26.5)
CVE-2026-28996 5.5 - Medium - May 11, 2026

A race condition was addressed with additional validation. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to access sensitive user data.

Race Condition

Apple iOS/macOS kernel memory layout leakage via logging (fixed 18.7.9/15.7.7)
CVE-2026-28943 7.5 - High - May 11, 2026

A logging issue was addressed with improved data redaction. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to determine kernel memory layout.

Insertion of Sensitive Information into Log File

Apple OS OOB write DoS (CVE-2026-43666) fixed in iOS 18.7.9 et al
CVE-2026-43666 6.2 - Medium - May 11, 2026

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An attacker on the local network may be able to cause a denial-of-service.

Memory Corruption

Apple iOS/macOS tvOS Memory Crash CVE-2026-28902
CVE-2026-28902 6.5 - Medium - May 11, 2026

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash.

Buffer Overflow

Apple iOS memory crash via malicious web content, fixed iOS 18.7.9/26.5
CVE-2026-28847 6.5 - Medium - May 11, 2026

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash.

Buffer Overflow

Apple iOS/OS WebKit Crash via Malicious Web Content CVE-2026-28955
CVE-2026-28955 7.5 - High - May 11, 2026

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash.

Buffer Overflow

Apple OS 26.5: OOB Access via Malicious File Termination
CVE-2026-28918 6.5 - Medium - May 11, 2026

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Parsing a maliciously crafted file may lead to an unexpected app termination.

Out-of-bounds Read

Apple OS Buffer Overflow Fixed in iOS 18.7.9, iPadOS 18.7.9, macOS 15.7.7
CVE-2026-28959 7.5 - High - May 11, 2026

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to cause unexpected system termination.

Classic Buffer Overflow

Apple iOS CVE-2025-43210 OOB Access in Media Handling Fixed in iOS 18.6
CVE-2025-43210 6.3 - Medium - April 02, 2026

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.

Out-of-bounds Read

Apple OS (iOS/macOS) use-after-free CVE-2026-20687 (pre 18.7.7)
CVE-2026-20687 7.1 - High - March 25, 2026

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, watchOS 26.4. An app may be able to cause unexpected system termination or write kernel memory.

Dangling pointer

Apple iOS/iPadOS Stack Overflow Fixed in 18.7.7 & 26.4
CVE-2026-28852 5.5 - Medium - March 25, 2026

A stack overflow was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to cause a denial-of-service.

Improper Input Validation

Apple Safari 26.3: CSP Bypass via State Management Flaw
CVE-2026-20665 6.5 - Medium - March 25, 2026

This issue was addressed through improved state management. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.

Protection Mechanism Failure
