Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
5DescriptionCVE.org
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to cause a denial-of-service.
AnalysisAI
Out-of-bounds read in Apple operating systems allows remote unauthenticated denial-of-service via malicious application. Apple has patched this vulnerability across all affected platforms (iOS/iPadOS, macOS, tvOS, visionOS, watchOS) in version 26.5 releases. Despite CVSS 7.5 HIGH rating, exploitation probability remains low (EPSS 2%, 5th percentile) with no public exploit code identified and no CISA KEV listing. The vulnerability is impact-limited to availability (denial-of-service) with no confidentiality or integrity compromise, though tags indicate potential information disclosure concerns that warrant verification against vendor advisories.
Technical ContextAI
This vulnerability stems from CWE-125 (Out-of-bounds Read), a memory safety issue where software reads data past the end or before the beginning of an allocated buffer. The flaw affects core system components across Apple's entire ecosystem including iOS/iPadOS, macOS Tahoe, tvOS, visionOS, and watchOS prior to version 26.5. Out-of-bounds reads typically occur when boundary validation is insufficient during buffer operations, allowing an application to access memory regions outside intended boundaries. Apple addressed this through improved bounds checking mechanisms in the affected system libraries or frameworks. The cross-platform nature suggests the vulnerability exists in shared code components used across Apple's operating system family, though the specific affected framework or system service is not disclosed in available data.
RemediationAI
Update all affected Apple devices to version 26.5 or later immediately through standard OS update mechanisms (Settings > General > Software Update on iOS/iPadOS, System Settings > General > Software Update on macOS, Settings > System > Software Updates on tvOS/watchOS/visionOS). Apple has released patches for all supported platforms with detailed security content documentation available in vendor advisories (https://support.apple.com/en-us/127110, 127115, 127118, 127119, 127120). For devices unable to upgrade to 26.5 due to hardware limitations, implement application vetting controls by restricting app installations to trusted App Store sources only and disabling sideloading/developer mode where possible. Enterprise environments should leverage Mobile Device Management (MDM) solutions to enforce app whitelisting and block unverified applications, though this introduces operational overhead for legitimate development workflows. Organizations with legacy Apple devices should prioritize hardware replacement planning, as denial-of-service vulnerabilities in core OS components cannot be effectively mitigated through network controls alone. No effective network-layer compensating controls exist for this client-side memory safety issue.
Same weakness CWE-125 – Out-of-bounds Read
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-29284
GHSA-778p-qw96-fmjp