CVE-2026-28894: A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma…

high7.5CVSS 3.1

AVNACLPRNUINSUCNINAH

A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. A remote attacker may be able to cause a denial-of-service.

Affected

9 ranges

Vendor	Product	Version range	Fixed in
apple	ios_and_ipados	< 26.4	26.4
apple	ipados	< 26.4	26.4
apple	iphone_os	< 26.4	26.4
apple	macos	< 14.8.5	14.8.5
apple	macos	< 15.7.5	15.7.5
apple	macos	< 26.4	26.4
apple	macos	>= 14.0 < 14.8.5	14.8.5
apple	macos	>= 15.0 < 15.7.5	15.7.5
apple	macos	>= 26.0 < 26.4	26.4