CVE-2026-28986
Race Condition in Apple iOS and macOS Leading to System Termination
Publication date: 2026-05-11
Last updated on: 2026-05-11
Assigner: Apple Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| apple | ios | 18.7.9 |
| apple | ipados | 18.7.9 |
| apple | macos_sequoia | 15.7.7 |
| apple | macos_sonoma | 14.8.7 |
| apple | macos_tahoe | 26.5 |
| apple | tvos | 26.5 |
| apple | watchos | 26.5 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a race condition issue that was addressed by adding additional validation. A race condition occurs when the behavior of software depends on the timing or sequence of uncontrollable events, which can lead to unexpected results.
In this case, the race condition could allow an app to cause unexpected system termination, meaning the system could crash or shut down unexpectedly due to the timing issue.
How can this vulnerability impact me? :
This vulnerability can impact users by allowing an app to cause unexpected system termination. This means that the affected devices could crash or shut down unexpectedly, potentially leading to data loss, disruption of services, or degraded user experience.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, update your Apple devices to the fixed versions of the operating systems as soon as possible.
- Update iOS devices to iOS 18.7.9 or iOS 26.5.
- Update iPadOS devices to iPadOS 18.7.9 or iPadOS 26.5.
- Update macOS devices to macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, or macOS Tahoe 26.5.
- Update Apple TV devices to tvOS 26.5.
- Update Apple Watch devices to watchOS 26.5.