Apple OS 26.5 Null Ptr Deref Local DoS
CVE-2026-28985 Published on May 11, 2026

A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5. An attacker on the local network may be able to cause a denial-of-service.

NVD

Products Associated with CVE-2026-28985

Want to know whenever a new CVE is published for Apple products? stack.watch will email you.

Apple iOS

Apple iPadOS

Apple macOS

Apple tvOS

Apple Ios And Ipados

Affected Versions

Apple iOS and iPadOS:

Before 26.5 is affected.

Apple macOS:

Before 26.5 is affected.

Apple tvOS:

Before 26.5 is affected.

Apple OS 26.5 Null Ptr Deref Local DoSCVE-2026-28985 Published on May 11, 2026

Products Associated with CVE-2026-28985

Affected Versions

Apple OS 26.5 Null Ptr Deref Local DoS
CVE-2026-28985 Published on May 11, 2026