iOS/iPadOS resource exhaustion (CVE-2026-28872) fixed in 18.7.9/26.4
CVE-2026-28872 Published on May 11, 2026
A resource exhaustion issue was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.4 and iPadOS 26.4. A remote attacker may be able to cause a denial-of-service.
Products Associated with CVE-2026-28872
Want to know whenever a new CVE is published for Apple products? stack.watch will email you.
Affected Versions
Apple iOS and iPadOS:- Before 18.7.9 is affected.
- Before 26.4 is affected.