CVE-2022-26697
Description
An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Processing a maliciously crafted AppleScript binary may cause unexpected termination or disclosure of process memory due to an out-of-bounds read.
Vulnerability
An out-of-bounds read issue exists in AppleScript binary processing in macOS, addressed with improved input validation. Affected versions: macOS Catalina (Security Update 2022-004), macOS Monterey 12.4, macOS Big Sur 11.6.6. [1][2][3]
Exploitation
An attacker can provide a maliciously crafted AppleScript binary. No special privileges or network position is required beyond delivering the file to the user; user interaction may be needed to open the file.
Impact
Successful exploitation may lead to unexpected application termination or disclosure of process memory.
Mitigation
Apple released fixes in Security Update 2022-004 (Catalina), macOS Monterey 12.4, and macOS Big Sur 11.6.6 on May 16, 2022. Users should update to these versions.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
5- Range: < 11.6.6
- Range: < 2022-004
- Range: < 12.4
- Range: unspecified
- Range: unspecified
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- support.apple.com/en-us/HT213255mitrex_refsource_MISC
- support.apple.com/en-us/HT213256mitrex_refsource_MISC
- support.apple.com/en-us/HT213257mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.