Severity by source
AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Lifecycle Timeline
4DescriptionCVE.org
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. Processing an audio stream in a maliciously crafted media file may terminate the process.
AnalysisAI
Maliciously crafted media files containing out-of-bounds memory access in Apple's audio processing can crash affected applications across iOS, iPadOS, macOS, tvOS, visionOS, and watchOS. An attacker can trigger a denial of service by triggering the vulnerability through a specially crafted audio stream, though no patch is currently available. This impacts multiple recent OS versions where an out-of-bounds read occurs during media file processing.
Technical ContextAI
This vulnerability resides in Apple's media processing framework, specifically in the audio stream parsing and decoding components that handle various audio formats within media containers. The issue is classified as an out-of-bounds access flaw, which occurs when the audio processing code attempts to read or write memory beyond the allocated buffer boundaries without proper validation of the input stream's structure and size. The affected CPE ranges include cpe:2.3:a:apple:ios_and_ipados, cpe:2.3:a:apple:macos, cpe:2.3:a:apple:tvos, cpe:2.3:a:apple:visionos, and cpe:2.3:a:apple:watchos, indicating the vulnerability exists across Apple's entire ecosystem. The root cause relates to improper input validation and insufficient bounds checking when parsing audio stream headers or data segments, allowing an attacker-controlled media file to trigger memory access violations without proper size validation.
RemediationAI
Immediately upgrade all affected Apple devices to the patched versions: iOS and iPadOS to 18.7.7 or 26.4, macOS Sequoia to 15.7.5, macOS Sonoma to 14.8.5, macOS Tahoe to 26.4, and tvOS, visionOS, and watchOS to version 26.4. Organizations should prioritize patching systems that regularly process media files from untrusted sources, such as mail servers, web browsers, and media streaming applications. For users unable to immediately patch, restrict access to untrusted media files and disable automatic media preview features in applications that process audio streams. Consult Apple's official security advisories at https://support.apple.com/en-us/126792 through https://support.apple.com/en-us/126799 for platform-specific patching procedures and to verify successful update installation.
An unauthenticated remote code execution vulnerability exists in Remote for Mac, a macOS remote control utility develope
A use-after-free issue was addressed with improved memory management. Rated high severity (CVSS 8.8), this vulnerability
Apple's kernel across all platforms (iOS, macOS, watchOS, visionOS, tvOS) contains a memory corruption vulnerability (CV
Remote code execution in OpenSSH's sshd server (regression of CVE-2006-5051) allows unauthenticated remote attackers to
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remot
The issue was addressed with improved checks. Rated high severity (CVSS 7.0). Actively exploited in the wild (cisa kev)
A logic issue was addressed with improved restrictions. Rated high severity (CVSS 7.8), this vulnerability is no authent
In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environmen
A race condition was addressed with additional validation. Rated high severity (CVSS 7.0), this vulnerability is no auth
This issue was addressed with improved checks. Rated critical severity (CVSS 10.0), this vulnerability is remotely explo
When doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data t
When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the
Same weakness CWE-125 – Out-of-bounds Read
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-15060