Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
5DescriptionCVE.org
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to cause unexpected system termination.
AnalysisAI
Use-after-free memory corruption in Apple operating systems allows high confidentiality impact through unexpected system termination. Affects iOS/iPadOS versions before 18.7.9 and 26.5, macOS Sequoia before 15.7.7, macOS Sonoma before 14.8.7, macOS Tahoe before 26.5, tvOS before 26.5, visionOS before 26.5, and watchOS before 26.5. Vendor-released patches are available across all affected platforms. EPSS score of 0.02% (7th percentile) indicates low observed exploitation probability in the wild, and no public exploit identified at time of analysis. CVSS vector indicates network-reachable attack surface with no authentication required, though the description states only 'an app' can trigger the condition, suggesting conflicting attack vector classification.
Technical ContextAI
This vulnerability involves a use-after-free condition (CWE-416), a memory safety issue where code attempts to access memory after it has been freed. In Apple's ecosystem, this typically occurs in core system frameworks or libraries shared across iOS, macOS, tvOS, visionOS, and watchOS. The CPE data confirms the vulnerability spans all major Apple operating systems, suggesting the flaw exists in a common component or framework used across these platforms. Use-after-free vulnerabilities arise from improper object lifecycle management, often in reference-counted memory systems like Objective-C's ARC or manual retain/release patterns. The simultaneous patching across iOS versions 18.x and 26.x (likely representing different major releases) indicates the vulnerable code has existed across multiple OS generations. Apple's fix involves improved memory management, which typically means adding proper object lifetime tracking, implementing defensive null checks, or restructuring code to avoid dangling pointers.
RemediationAI
Apply vendor-released security updates immediately: upgrade iOS and iPadOS to version 18.7.9 or 26.5 (depending on device compatibility), macOS Sequoia to 15.7.7, macOS Sonoma to 14.8.7, macOS Tahoe to 26.5, tvOS to 26.5, visionOS to 26.5, and watchOS to 26.5. Patches are available through standard Apple software update mechanisms (Settings > General > Software Update on iOS/iPadOS, System Settings > General > Software Update on macOS). Detailed security content information is available at https://support.apple.com/en-us/127110 through 127120. If immediate patching is not possible, restrict installation of untrusted applications to minimize attack surface until updates can be deployed, though this mitigation may not be effective if the network attack vector in the CVSS assessment is accurate. Organizations using Mobile Device Management should prioritize pushing these updates to managed devices. No known workarounds exist that fully mitigate use-after-free memory corruption vulnerabilities without applying the vendor patch.
Same weakness CWE-416 – Use After Free
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-29271
GHSA-5vrc-4fj4-9cmh