Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
5DescriptionCVE.org
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.7.7, macOS Tahoe 26.5. A remote attacker may be able to cause unexpected system termination.
AnalysisAI
Buffer overflow in macOS allows remote unauthenticated attackers to cause system crashes and denial of service without user interaction. Affects macOS Sequoia versions prior to 15.7.7 and macOS Tahoe versions prior to 26.5. Apple has released patches addressing the vulnerability through improved bounds checking. Despite network-based attack vector and low complexity (CVSS 7.5), EPSS score of 0.05% (15th percentile) indicates minimal observed exploitation activity, and CISA SSVC framework confirms no active exploitation detected. Automatable attack path suggests potential for scanning-based campaigns if exploited.
Technical ContextAI
This is a stack-based buffer overflow vulnerability (CWE-121) in an unspecified macOS component or service accessible over the network. Stack buffer overflows occur when data written to a buffer exceeds allocated memory on the program stack, potentially overwriting adjacent memory including return addresses and function pointers. The CVSS vector (AV:N) indicates the vulnerable component accepts network connections, likely through a system service, daemon, or framework that processes remote input. Apple's fix involved implementing improved bounds checking to validate input size before copying data into fixed-size buffers. The CPE string cpe:2.3:a:apple:macos indicates this affects the macOS application layer rather than kernel components. The unchanged scope (S:U) suggests the vulnerability is contained within the vulnerable component's security context.
RemediationAI
Apply vendor-released patches immediately for internet-facing macOS systems. Upgrade macOS Sequoia installations to version 15.7.7 or later, and macOS Tahoe installations to version 26.5 or later, following Apple's security advisories at https://support.apple.com/en-us/127115 and https://support.apple.com/en-us/127116. If immediate patching is not feasible, implement network-based compensating controls by restricting inbound network access to macOS systems using host firewalls or network segmentation, blocking unnecessary services from internet exposure. Since the specific vulnerable component is not disclosed, granular service-level restrictions cannot be recommended. Network isolation will reduce attack surface but may impact legitimate remote access functionality including screen sharing, file sharing, and remote management capabilities. For systems requiring internet accessibility, deploy network intrusion detection systems to monitor for unusual connection patterns or crash-inducing traffic, though this provides detection rather than prevention. No application-level workarounds are available given the lack of component-specific details.
Same weakness CWE-121 – Stack-based Buffer Overflow
View allSame technique Stack Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-29220
GHSA-2h56-2mqr-w44f