CVE-2026-28952
Integer Overflow in Apple iOS and macOS Systems
Publication date: 2026-05-11
Last updated on: 2026-05-11
Assigner: Apple Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| apple | ios | 18.7.9 |
| apple | ipad_os | 18.7.9 |
| apple | macos_sequoia | 15.7.7 |
| apple | macos_sonoma | 14.8.7 |
| apple | macos_tahoe | 26.5 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an integer overflow issue that was addressed by improving input validation. An integer overflow occurs when a calculation exceeds the maximum size that can be stored in an integer variable, potentially leading to unexpected behavior.
In this case, the vulnerability could allow an application to cause unexpected system termination on affected Apple operating systems such as iOS, iPadOS, and various versions of macOS.
How can this vulnerability impact me? :
This vulnerability can impact you by allowing an application to cause unexpected system termination, which may lead to system instability or denial of service on affected devices.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, update your Apple devices to the fixed versions of the operating systems.
- Update iOS devices to iOS 18.7.9.
- Update iPadOS devices to iPadOS 18.7.9.
- Update macOS devices to one of the following versions depending on your system: macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, or macOS Tahoe 26.5.