VYPR
← All advisories
Unrated severityNVD Advisory· Published May 26, 2022· Updated May 30, 2025

CVE-2022-26761

CVE-2022-26761

Description

A memory corruption issue was addressed with improved memory handling. This issue is fixed in Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A memory corruption issue in macOS allows an application to execute arbitrary code with kernel privileges, fixed in macOS Big Sur 11.6.6 and Security Update 2022-004.

Vulnerability

A memory corruption issue exists in the macOS kernel, affecting macOS Big Sur before version 11.6.6 and macOS Catalina before Security Update 2022-004. The exact component is not disclosed, but the vulnerability is reachable by any application running on the system.

Exploitation

An attacker must have the ability to run a malicious application on the target system. No additional privileges beyond standard user access are required. The application can trigger the memory corruption to escalate privileges and execute arbitrary code in the kernel context.

Impact

Successful exploitation allows an attacker to execute arbitrary code with kernel privileges, resulting in full compromise of the system's confidentiality, integrity, and availability.

Mitigation

Apple addressed this issue in macOS Big Sur 11.6.6 and Security Update 2022-004 for macOS Catalina, both released on May 16, 2022 [1][2]. No workarounds are available; users should apply the updates as soon as possible.

References
  1. About the security content of macOS Big Sur 11.6.6 - Apple Support
  2. About the security content of Security Update 2022-004 Catalina - Apple Support

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

5
  • Apple Inc./macOS Catalinallm-fuzzy
    Range: <= Security Update 2022-004
  • Apple Inc./macOS Big Surllm-fuzzy
    Range: <= 11.6.5
  • Apple Inc./macOSllm-fuzzy2 versions
    <= 11.6.6, <= Security Update 2022-004 Catalina+ 1 more
    • (no CPE)range: <= 11.6.6, <= Security Update 2022-004 Catalina
    • (no CPE)range: unspecified
  • Apple/Security Update - Catalinav5
    Range: unspecified

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.