Medium severity6.2NVD Advisory· Published May 11, 2026· Updated May 13, 2026
CVE-2026-28985
CVE-2026-28985
Description
A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5. An attacker on the local network may be able to cause a denial-of-service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: = 26.5
Patches
Vulnerability mechanics
References
3- support.apple.com/en-us/127110nvdRelease NotesVendor Advisory
- support.apple.com/en-us/127115nvdRelease NotesVendor Advisory
- support.apple.com/en-us/127118nvdRelease NotesVendor Advisory
News mentions
1- Apple Patches Everything, (Mon, May 11th)SANS Internet Storm Center · May 11, 2026