CVE-2026-28918
published 2026-05-11CVE-2026-28918: An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5…
medium6.5CVSS 3.1
AVNACLPRNUIRSUCNINAH
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Parsing a maliciously crafted file may lead to an unexpected app termination.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_and_ipados | < 26.5 | 26.5 |
| apple | ipados | < 26.5 | 26.5 |
| apple | iphone_os | < 26.5 | 26.5 |
| apple | macos | < 26.5 | 26.5 |
| apple | macos | >= 26.0 < 26.5 | 26.5 |
| apple | tvos | < 26.5 | 26.5 |
| apple | visionos | < 26.5 | 26.5 |
| apple | watchos | < 26.5 | 26.5 |