Severity by source
AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
5DescriptionCVE.org
A buffer overflow was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. A local user may be able to cause unexpected system termination or read kernel memory.
AnalysisAI
Buffer overflow in Apple operating systems allows local unauthenticated users to cause unexpected system termination or read kernel memory without requiring user interaction. The vulnerability affects iOS, iPadOS, macOS, tvOS, visionOS, and watchOS across multiple versions, with exploitation limited to local access. Vendor-released patches are available for all affected platforms, and EPSS scoring of 0.03% indicates exploitation remains unlikely despite the local attack vector.
Technical ContextAI
This is a classic stack buffer overflow (CWE-121) in Apple's kernel or core system libraries. The vulnerability exists in a component accessible to unprivileged local users, allowing them to overflow a stack-allocated buffer through controlled input. The lack of proper bounds checking on input data enables an attacker to corrupt adjacent memory on the stack, potentially triggering denial of service through kernel panic or read arbitrary kernel memory by exploiting the overflow to leak data. The fix involved adding input validation to prevent oversized or malformed data from reaching the vulnerable code path. Affected products span Apple's entire ecosystem: iOS/iPadOS (mobile), macOS (desktop, multiple versions), tvOS (streaming), visionOS (spatial computing), and watchOS (wearable), all sharing common kernel and system library code.
RemediationAI
Install vendor-released patches immediately: iOS and iPadOS 18.7.9 or 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, and watchOS 26.5. Updates are available through Apple's standard software update mechanisms (Settings > General > Software Update on iOS/iPadOS/watchOS; System Settings > General > Software Update on macOS; Settings > System > Software Update on tvOS/visionOS). No workarounds exist for this kernel-level vulnerability short of patching. For organizations unable to patch immediately, implement compensating controls by restricting physical access to affected devices and limiting local user accounts to only trusted administrators, as the attack vector is strictly local; however, these controls are imperfect and do not address insider threats or compromised user accounts. Review and revoke access for any low-privileged users who should not have local device access.
Same weakness CWE-121 – Stack-based Buffer Overflow
View allSame technique Stack Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-29225
GHSA-cc6c-8q3q-7598