Description
This issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6. Processing a file may lead to memory corruption.
Published: 2026-04-02
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

Apple operating systems contain a flaw in memory handling that is triggered when the system processes certain files. This flaw can cause memory corruption, potentially allowing an attacker to execute arbitrary code or cause a system crash. The vulnerability represents a classic buffer overflow type of weakness that compromises system integrity.

Affected Systems

Apple iOS, iPadOS, and macOS Sequoia are affected. The issue is fixed in iOS 18.6, iPadOS 18.6, and macOS Sequoia 15.6. Devices running earlier versions of these operating systems remain vulnerable.

Risk and Exploitability

The CVSS score is not provided, so the quantitative severity is unknown. The lack of a public exploit and absence from the KEV catalog suggest no known widespread exploitation yet. The likely attack vector is local file‑based, requiring an attacker to supply a specially crafted file or manipulate a user into opening one. If the vulnerability is triggered, memory corruption could lead to arbitrary code execution or a denial of service.

Generated by OpenCVE AI on April 2, 2026 at 22:25 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update iOS to version 18.6 or later.
  • Update iPadOS to version 18.6 or later.
  • Update macOS Sequoia to version 15.6 or later.
  • Avoid opening unknown or untrusted files until the updates are applied.

Generated by OpenCVE AI on April 2, 2026 at 22:25 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 03 Apr 2026 19:00:00 +0000

Type Values Removed Values Added
First Time appeared Apple ipados
Apple iphone Os
CPEs cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Vendors & Products Apple ipados
Apple iphone Os

Fri, 03 Apr 2026 14:00:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 03 Apr 2026 10:15:00 +0000

Type Values Removed Values Added
Title Memory Corruption via File Processing in Apple iOS, iPadOS, and macOS
First Time appeared Apple
Apple ios And Ipados
Apple macos
Weaknesses CWE-119
CWE-787
Vendors & Products Apple
Apple ios And Ipados
Apple macos

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Description This issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6. Processing a file may lead to memory corruption.
References

Subscriptions

Apple Ios And Ipados Ipados Iphone Os Macos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-03T13:00:53.495Z

Reserved: 2025-04-16T15:24:37.088Z

Link: CVE-2025-43202

cve-icon Vulnrichment

Updated: 2026-04-02T19:02:11.554Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-02T19:20:03.913

Modified: 2026-04-03T18:00:04.027

Link: CVE-2025-43202

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-03T09:16:59Z

Weaknesses