CVE-2026-43655
Out-of-Bounds Read in iOS and macOS Tahoe
Publication date: 2026-05-11
Last updated on: 2026-05-11
Assigner: Apple Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| apple | ios | 26.5 |
| apple | ipados | 26.5 |
| apple | macos_tahoe | 26.5 |
| apple | tvos | 26.5 |
| apple | watchos | 26.5 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an out-of-bounds read issue that was addressed by improving bounds checking in affected Apple operating systems. It could allow an application to read memory outside of its intended boundaries.
Specifically, an app may be able to cause unexpected system termination or read kernel memory, which is memory reserved for the core of the operating system.
How can this vulnerability impact me?
This vulnerability can impact you by allowing an application to cause your system to unexpectedly terminate (crash) or potentially read sensitive kernel memory.
Reading kernel memory could expose sensitive information or lead to further exploitation of the system.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, update your Apple devices to the fixed versions: iOS 26.5, iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, and watchOS 26.5.