Skip to main content

Apple iOS/iPadOS/macOS EUVDEUVD-2026-29302

| CVE-2026-43656 HIGH
Out-of-bounds Write (CWE-787)
2026-05-11 apple GHSA-xfh5-8vfh-9mjc
7.3
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.3 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low

Lifecycle Timeline

5
Analysis Generated
May 12, 2026 - 18:25 vuln.today
CVSS changed
May 12, 2026 - 18:22 NVD
7.3 (HIGH)
Patch available
May 11, 2026 - 22:18 EUVD
CVE Published
May 11, 2026 - 20:08 nvd
UNKNOWN (no severity yet)
CVE Published
May 11, 2026 - 20:08 nvd
HIGH 7.3

DescriptionCVE.org

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. Parsing a maliciously crafted file may lead to an unexpected app termination.

AnalysisAI

Out-of-bounds write in Apple's file parsing component across iOS, iPadOS, and macOS enables remote code execution or denial of service via maliciously crafted files with no user interaction required. Exploitation probability is extremely low (EPSS 0.02%, 6th percentile) with no public exploit identified at time of analysis, despite the critical CVSS 7.3 score and network-based attack vector. Vendor patches available for all affected platforms (iOS/iPadOS 18.7.9, 26.5; macOS Sonoma 14.8.7, Sequoia 15.7.7, Tahoe 26.5). The CVSS vector indicating AV:N/PR:N/UI:N suggests automatic exploitation without user interaction, which contradicts the description's 'parsing a file' language - verify whether this requires user action to open/download the file or if background processes parse untrusted files automatically.

Technical ContextAI

CWE-787 out-of-bounds write vulnerability in Apple's file parsing subsystem affecting iOS, iPadOS, and macOS across multiple major versions. The flaw occurs when processing file formats through system-level parsers, allowing data to be written beyond allocated buffer boundaries. Affected CPE strings indicate broad impact across Apple's mobile (cpe:2.3:a:apple:ios_and_ipados) and desktop (cpe:2.3:a:apple:macos) platforms. The vulnerability exists in a shared parsing component used across macOS Sonoma (14.x), Sequoia (15.x), and Tahoe (26.x) series, plus iOS/iPadOS 18.x and 26.x branches. Apple's fix involved improved input validation to bound-check file parsing operations, suggesting the original code lacked proper size verification when copying or writing parsed data structures. The memory corruption class (CWE-787) typically enables arbitrary code execution when combined with exploit techniques like heap spraying or ROP chains, though Apple's description conservatively lists 'unexpected app termination' as the primary impact.

RemediationAI

Apply vendor-released patches immediately: upgrade iOS and iPadOS devices to version 18.7.9 or 26.5, macOS Sonoma systems to 14.8.7, macOS Sequoia systems to 15.7.7, and macOS Tahoe systems to 26.5. Installation instructions and security content details available in Apple security advisories HT127110, HT127111, HT127115, HT127116, and HT127117 at https://support.apple.com. If immediate patching is not feasible, implement network-layer filtering to block untrusted file sources and restrict automatic file parsing by disabling Quick Look previews, Spotlight indexing of untrusted directories, and background content handlers (trade-off: reduced user convenience and search functionality). On managed devices, enforce application sandboxing policies and disable automatic mounting of network shares or removable media until patching is complete (trade-off: workflow disruption for users requiring network file access). For high-security environments, consider network segmentation to isolate unpatched Apple devices from untrusted content sources until updates can be tested and deployed.

Share

EUVD-2026-29302 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy