Apple tvOS 18.1 vulnerabilities
2,001 known vulnerabilities affecting apple/tvos at version 18.1.
Total CVEs
2,001
CISA KEV
37
actively exploited
Public exploits
174
Exploited in wild
28
Severity breakdown
CRITICAL125HIGH1101MEDIUM722LOW53
Vulnerabilities
Page 2 of 13
CVE-2026-20687HIGHCVSS 7.1fixed in 26.42026-03-25
CVE-2026-20687 [HIGH] CWE-416 CVE-2026-20687: A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, watchOS 26.4. An app may be able to cause unexpected system termination or write kernel memory.
cvelistv5nvd
CVE-2026-28865HIGHCVSS 7.5fixed in 26.42026-03-25
CVE-2026-28865 [HIGH] CWE-285 CVE-2026-28865: An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.
An authentication issue was addressed with improved state management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An attacker in a privileged network position may be able to intercept network traffic.
cvelistv5nvd
CVE-2026-20698HIGHCVSS 7.8fixed in 26.42026-03-25
CVE-2026-20698 [HIGH] CWE-787 CVE-2026-20698: The issue was addressed with improved memory handling. This issue is fixed in iOS 26.4 and iPadOS 26
The issue was addressed with improved memory handling. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to cause unexpected system termination or corrupt kernel memory.
cvelistv5nvd
CVE-2026-28878MEDIUMCVSS 6.5fixed in 26.42026-03-25
CVE-2026-28878 [MEDIUM] CWE-200 CVE-2026-28878: A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 18.7.7 and iPad
A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to enumerate a user's installed apps.
cvelistv5nvd
CVE-2026-20665MEDIUMCVSS 6.5fixed in 26.42026-03-25
CVE-2026-20665 [MEDIUM] CWE-693 CVE-2026-20665: This issue was addressed through improved state management. This issue is fixed in Safari 26.4, iOS
This issue was addressed through improved state management. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.
cvelistv5nvd
CVE-2026-20690MEDIUMCVSS 6.5fixed in 26.42026-03-25
CVE-2026-20690 [MEDIUM] CWE-125 CVE-2026-20690: An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iO
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. Processing an audio stream in a maliciously crafted media file may terminate the process.
cvelistv5nvd
CVE-2026-28859MEDIUMCVSS 4.3fixed in 26.42026-03-25
CVE-2026-28859 [MEDIUM] CWE-125 CVE-2026-28859: The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A malicious website may be able to process restricted web content outside the sandbox.
cvelistv5nvd
CVE-2026-28886MEDIUMCVSS 5.9fixed in 26.42026-03-25
CVE-2026-28886 [MEDIUM] CWE-476 CVE-2026-28886: A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS
A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A user in a privileged network position may be able to cause a denial-of-service.
cvelistv5nvd
CVE-2026-28863MEDIUMCVSS 6.5fixed in 26.42026-03-25
CVE-2026-28863 [MEDIUM] CVE-2026-28863: A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.4 and
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.4 and iPadOS 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to fingerprint the user.
cvelistv5nvd
CVE-2026-28822MEDIUMCVSS 6.2fixed in 26.42026-03-25
CVE-2026-28822 [MEDIUM] CWE-843 CVE-2026-28822: A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 26.4
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An attacker may be able to cause unexpected app termination.
cvelistv5nvd
CVE-2026-20637MEDIUMCVSS 6.2fixed in 26.32026-03-25
CVE-2026-20637 [MEDIUM] CWE-416 CVE-2026-20637: A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An app may be able to cause unexpected system termination.
cvelistv5nvd
CVE-2026-28867MEDIUMCVSS 6.2fixed in 26.42026-03-25
CVE-2026-28867 [MEDIUM] CVE-2026-28867: This issue was addressed with improved authentication. This issue is fixed in iOS 18.7.7 and iPadOS
This issue was addressed with improved authentication. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to leak sensitive kernel state.
cvelistv5nvd
CVE-2026-28882MEDIUMCVSS 4.0fixed in 26.42026-03-25
CVE-2026-28882 [MEDIUM] CVE-2026-28882: This issue was addressed with improved checks. This issue is fixed in iOS 26.4 and iPadOS 26.4, macO
This issue was addressed with improved checks. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to enumerate a user's installed apps.
cvelistv5nvd
CVE-2026-28852MEDIUMCVSS 5.5fixed in 26.42026-03-25
CVE-2026-28852 [MEDIUM] CWE-20 CVE-2026-28852: A stack overflow was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and
A stack overflow was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to cause a denial-of-service.
cvelistv5nvd
CVE-2026-28879MEDIUMCVSS 6.5fixed in 26.42026-03-25
CVE-2026-28879 [MEDIUM] CWE-416 CVE-2026-28879: A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.
A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. Processing maliciously crafted web content may lead to an unexpected process crash.
cvelistv5nvd
CVE-2026-28870MEDIUMCVSS 5.5fixed in 26.42026-03-25
CVE-2026-28870 [MEDIUM] CVE-2026-28870: An information leakage was addressed with additional validation. This issue is fixed in iOS 26.4 and
An information leakage was addressed with additional validation. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to access sensitive user data.
cvelistv5nvd
CVE-2026-20611HIGHCVSS 7.8fixed in 26.32026-02-11
CVE-2026-20611 [HIGH] CWE-125 CVE-2026-20611: An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iO
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt proc
cvelistv5nvd
CVE-2026-20617HIGHCVSS 7.0fixed in 26.32026-02-11
CVE-2026-20617 [HIGH] CWE-362 CVE-2026-20617: A race condition was addressed with improved state handling. This issue is fixed in iOS 26.3 and iPa
A race condition was addressed with improved state handling. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An app may be able to gain root privileges.
cvelistv5nvd
CVE-2026-20628HIGHCVSS 7.1fixed in 26.32026-02-11
CVE-2026-20628 [HIGH] CWE-284 CVE-2026-20628: A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.7.5 an
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An app may be able to break out of its sandbox.
cvelistv5nvd
CVE-2026-20641HIGHCVSS 7.1fixed in 26.32026-02-11
CVE-2026-20641 [HIGH] CWE-200 CVE-2026-20641: A privacy issue was addressed with improved checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.
A privacy issue was addressed with improved checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. An app may be able to identify what other apps a user has installed.
cvelistv5nvd