Apple WiFi Use-After-Free DoS fixed iOS 18.7.9 / macOS 15.7.7
CVE-2026-28994 Published on May 11, 2026

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An attacker in a privileged network position may be able to perform denial-of-service attack using crafted Wi-Fi packets.

NVD

Vulnerability Analysis

Attack Vector:

ADJACENT_NETWORK

Attack Complexity:

HIGH

Privileges Required:

NONE

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

NONE

Integrity Impact:

NONE

Availability Impact:

HIGH

Weakness Type

What is a Dangling pointer Vulnerability?

Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.

CVE-2026-28994 has been classified to as a Dangling pointer vulnerability or weakness.

Products Associated with CVE-2026-28994

Want to know whenever a new CVE is published for Apple products? stack.watch will email you.

Apple iOS

Apple iPadOS

Apple macOS

Apple Macos Sonoma

Apple tvOS

Apple watchOS

Apple Ios And Ipados

Affected Versions

Apple iOS and iPadOS:

Before 18.7.9 is affected.
Before 26.5 is affected.

Apple macOS:

Before 14.8.7 is affected.
Before 15.7.7 is affected.
Before 26.5 is affected.

Apple tvOS:

Before 26.5 is affected.

Apple watchOS:

Before 26.5 is affected.

Apple WiFi Use-After-Free DoS fixed iOS 18.7.9 / macOS 15.7.7CVE-2026-28994 Published on May 11, 2026

Vulnerability Analysis

Weakness Type

What is a Dangling pointer Vulnerability?

Products Associated with CVE-2026-28994

Affected Versions

Apple WiFi Use-After-Free DoS fixed iOS 18.7.9 / macOS 15.7.7
CVE-2026-28994 Published on May 11, 2026