High severity7.1NVD Advisory· Published May 11, 2026· Updated May 13, 2026
CVE-2026-28941
CVE-2026-28941
Description
The issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Tahoe 26.5. Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <15.7.7
- Range: <18.7.9
Patches
Vulnerability mechanics
References
3- support.apple.com/en-us/127111nvdRelease NotesVendor Advisory
- support.apple.com/en-us/127115nvdRelease NotesVendor Advisory
- support.apple.com/en-us/127116nvdRelease NotesVendor Advisory
News mentions
2- ZDI-26-315: Apple macOS USD Out-Of-Bounds Read Information Disclosure VulnerabilityZero Day Initiative · May 12, 2026
- Apple Patches Everything, (Mon, May 11th)SANS Internet Storm Center · May 11, 2026