CVE-2026-28858
published 2026-03-25CVE-2026-28858: A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 26.4 and iPadOS 26.4. A remote user may be able to cause unexpected…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 26.4 and iPadOS 26.4. A remote user may be able to cause unexpected system termination or corrupt kernel memory.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_and_ipados | < 26.4 | 26.4 |
| apple | ipados | < 26.4 | 26.4 |
| apple | iphone_os | < 26.4 | 26.4 |