CVE-2026-20620Out-of-bounds Read in Apple Macos

CWE-125Out-of-bounds Read7 documents5 sources
Severity
7.7HIGHNVD
EPSS
0.0%
top 99.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apple Macos
Timeline
PublishedFeb 11
Latest updateFeb 12

Description

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An attacker may be able to cause unexpected system termination or read kernel memory.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:HExploitability: 2.5 | Impact: 5.2

Affected Packages2 packages

CVEListV5apple/macos< 14.8.4+2
NVDapple/macos14.014.8.4+2

🔴Vulnerability Details

2
GHSA
GHSA-3jj8-9qpj-6989: An out-of-bounds read issue was addressed with improved input validation2026-02-12
CVEList
CVE-2026-20620: An out-of-bounds read issue was addressed with improved input validation2026-02-11

📋Vendor Advisories

3
Apple
CVE-2026-20620: macOS Tahoe 26.32026-02-11
Apple
CVE-2026-20620: macOS Sonoma 14.8.42026-02-11
Apple
CVE-2026-20620: macOS Sequoia 15.7.42026-02-11

🕵️Threat Intelligence

1
Wiz
CVE-2026-20620 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-20620 — Out-of-bounds Read in Apple Macos | cvebase