Skip to main content

Apple OS kernels EUVDEUVD-2026-29308

| CVE-2026-43668 HIGH
Use After Free (CWE-416)
2026-05-11 apple GHSA-xfpc-cffv-p6m3
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

5
Analysis Generated
May 12, 2026 - 18:25 vuln.today
CVSS changed
May 12, 2026 - 18:22 NVD
7.5 (HIGH)
Patch available
May 11, 2026 - 22:18 EUVD
CVE Published
May 11, 2026 - 20:08 nvd
UNKNOWN (no severity yet)
CVE Published
May 11, 2026 - 20:08 nvd
HIGH 7.5

DescriptionCVE.org

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.

AnalysisAI

Remote attackers can crash Apple devices or corrupt kernel memory without authentication via a use-after-free vulnerability affecting iOS, iPadOS, macOS, tvOS, visionOS, and watchOS. Apple has released patches across eight separate security bulletins (HT127110-127120) fixing this memory management flaw in all supported OS versions. EPSS score of 0.10% (28th percentile) suggests low exploitation probability despite the network-accessible attack vector and lack of authentication requirements. No active exploitation or public POC identified at time of analysis.

Technical ContextAI

This vulnerability is a use-after-free condition (CWE-416) in memory management code shared across Apple's operating system kernels (XNU kernel base). Use-after-free occurs when kernel code continues to reference memory after it has been deallocated, allowing attackers to manipulate freed memory regions. The CVSS vector AV:N indicates the vulnerability is reachable via network protocols, suggesting the flaw exists in network stack handling, socket processing, or network-accessible kernel interfaces rather than requiring local access. The vulnerability affects Apple's unified kernel architecture deployed across iOS/iPadOS (mobile), macOS (desktop/laptop), tvOS (Apple TV), visionOS (Vision Pro headset), and watchOS (Apple Watch), indicating the vulnerable code exists in shared kernel components rather than platform-specific drivers.

RemediationAI

Apply vendor-released patches immediately: upgrade iOS and iPadOS to version 18.7.9 or 26.5 (whichever applies to your device generation), macOS Sequoia to 15.7.7, macOS Sonoma to 14.8.7, macOS Tahoe to 26.5, tvOS to 26.5, visionOS to 26.5, and watchOS to 26.5. Patches are distributed via standard Apple software update mechanisms (Settings > General > Software Update on iOS/iPadOS, System Settings > General > Software Update on macOS). Consult Apple security bulletins at https://support.apple.com/en-us/127110 through 127120 for platform-specific installation guidance. Organizations using mobile device management (MDM) should deploy updates via configuration profiles. No effective workarounds exist for kernel-level memory corruption vulnerabilities short of disconnecting devices from networks, which is impractical for most deployments. Network-level filtering cannot mitigate kernel vulnerabilities triggered by standard protocol traffic. Legacy devices unable to upgrade to patched versions should be isolated from untrusted networks and considered end-of-life for security-sensitive applications.

Share

EUVD-2026-29308 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy