High severity7.5NVD Advisory· Published May 11, 2026· Updated May 13, 2026
CVE-2026-28959
CVE-2026-28959
Description
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to cause unexpected system termination.
Affected products
6Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- support.apple.com/en-us/127110nvdRelease NotesVendor Advisory
- support.apple.com/en-us/127111nvdRelease NotesVendor Advisory
- support.apple.com/en-us/127115nvdRelease NotesVendor Advisory
- support.apple.com/en-us/127116nvdRelease NotesVendor Advisory
- support.apple.com/en-us/127117nvdRelease NotesVendor Advisory
- support.apple.com/en-us/127118nvdRelease NotesVendor Advisory
- support.apple.com/en-us/127119nvdRelease NotesVendor Advisory
- support.apple.com/en-us/127120nvdRelease NotesVendor Advisory
News mentions
44- Microsoft May 2026 Patch Tuesday fixes 120 flaws, no zero-daysBleepingComputer · May 12, 2026
- End‑to‑End Encrypted RCS Messaging Arrives Across iPhone and AndroidInfosecurity Magazine · May 12, 2026
- Apple Patches Dozens of Vulnerabilities in macOS, iOSSecurityWeek · May 12, 2026
- iOS 26.5 Brings Default End-to-End Encrypted RCS Messaging Between iPhone and AndroidThe Hacker News · May 12, 2026
- Apple Patches Everything, (Mon, May 11th)SANS Internet Storm Center · May 11, 2026
- iPadOS 15.8.8 (19H422)Apple Security Releases · May 11, 2026
- iPadOS 26.5 (23F77)Apple Security Releases · May 11, 2026
- visionOS 26.5 (23O471)Apple Security Releases · May 11, 2026
- watchOS 26.5 (23T570)Apple Security Releases · May 11, 2026
- iPadOS 17.7.11 (21H461)Apple Security Releases · May 11, 2026
- iPadOS 18.7.9 (22H355)Apple Security Releases · May 11, 2026
- iPadOS 16.7.16 (20H392)Apple Security Releases · May 11, 2026
- iPadOS 26.5 RC 2 (23F77)Apple Security Releases · May 8, 2026
- iOS 26.5 RC 2 (23F77)Apple Security Releases · May 8, 2026
- tvOS 26.5 RC (23L471)Apple Security Releases · May 4, 2026
- macOS 26.5 RC (25F71)Apple Security Releases · May 4, 2026
- iPadOS 18.7.9 (22H355)Apple Security Releases · May 4, 2026
- visionOS 26.5 RC (23O471)Apple Security Releases · May 4, 2026
- iOS 26.5 RC (23F75)Apple Security Releases · May 4, 2026
- watchOS 26.5 RC (23T570)Apple Security Releases · May 4, 2026
- iPadOS 26.5 RC (23F75)Apple Security Releases · May 4, 2026
- Xcode 26.5 RC (17F42)Apple Security Releases · May 4, 2026
- iOS 18.7.9 (22H355)Apple Security Releases · May 4, 2026
- 27th April – Threat Intelligence ReportCheck Point Research · Apr 27, 2026
- iPadOS 26.5 beta 4 (23F5069b)Apple Security Releases · Apr 27, 2026
- tvOS 26.5 beta 4 (23L5469a)Apple Security Releases · Apr 27, 2026
- macOS 26.5 beta 4 (25F5068a)Apple Security Releases · Apr 27, 2026
- watchOS 26.5 beta 4 (23T5568a)Apple Security Releases · Apr 27, 2026
- Xcode 26.5 beta 3 (17F5032f)Apple Security Releases · Apr 27, 2026
- iOS 26.5 beta 4 (23F5069b)Apple Security Releases · Apr 27, 2026
- visionOS 26.5 beta 4 (23O5468a)Apple Security Releases · Apr 27, 2026
- Apple Fixes iOS Notification Bug Exposing Deleted MessagesInfosecurity Magazine · Apr 23, 2026
- Apple fixes iOS bug that kept deleted notifications, including chat previewsMalwarebytes Labs · Apr 23, 2026
- iOS 18.7.8 (22H352)Apple Security Releases · Apr 22, 2026
- iPadOS 18.7.8 (22H352)Apple Security Releases · Apr 22, 2026
- iPadOS 26.4.2 (23E261)Apple Security Releases · Apr 22, 2026
- App Store Connect UpdateApple Security Releases · Apr 16, 2026
- Apple Expands iOS 18 Security Updates Amid DarkSword ThreatInfosecurity Magazine · Apr 2, 2026
- visionOS 26.4 (23O247)Apple Security Releases · Mar 24, 2026
- watchOS 26.4 (23T240)Apple Security Releases · Mar 24, 2026
- iPadOS 15.8.7 (19H411)Apple Security Releases · Mar 11, 2026
- iPadOS 16.7.15 (20H380)Apple Security Releases · Mar 11, 2026
- App Store Connect API 4.3Apple Security Releases · Mar 10, 2026
- Siemens SIMATICCISA Alerts