ZDI-26-230
HIGH 8.8
Published: Mar 30, 2026
Apple macOS CoreMedia Framework Out-Of-Bounds Write Remote Code Execution Vulnerability
Apple
Apple macOS contains a remote code execution vulnerability (CVE-2026-20690, CVSS score 8.8): an out-of-bounds write in the CoreMedia framework. An attacker can execute arbitrary code if a user visits a malicious website or opens a malicious file. This is a high-severity flaw that gives attackers significant control over affected systems. Security teams should prioritize patching macOS systems and, until patches are available, advise users to avoid opening untrusted files and visiting suspicious websites.