Use-After-Free in Apple OS Kernels (iOS 18.7.9+, macOS 15.7.7+)
CVE-2026-43668 Published on May 11, 2026
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.
Vulnerability Analysis
CVE-2026-43668 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Weakness Type
What is a Dangling pointer Vulnerability?
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.
CVE-2026-43668 has been classified to as a Dangling pointer vulnerability or weakness.
Products Associated with CVE-2026-43668
Want to know whenever a new CVE is published for Apple products? stack.watch will email you.
Affected Versions
Apple iOS and iPadOS:- Before 18.7.9 is affected.
- Before 26.5 is affected.
- Before 14.8.7 is affected.
- Before 15.7.7 is affected.
- Before 26.5 is affected.
- Before 26.5 is affected.
- Before 26.5 is affected.
- Before 26.5 is affected.