Description
The issue was addressed with improved memory handling. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, watchOS 26.1. An app may be able to cause unexpected system termination or corrupt kernel memory.
Published: 2025-11-04
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Kernel memory corruption or system termination
Action: Patch OS
AI Analysis

Impact

The vulnerability arises from improper memory handling within Apple’s operating systems. It can enable an application to corrupt kernel memory or trigger unexpected system termination. The weakness is captured by CWE‑119 and CWE‑787, indicating buffer overflows and out‑of‑bounds writes.

Affected Systems

Apple devices running iOS, iPadOS, macOS (Tahoe), visionOS, and watchOS are potentially affected. The fix is delivered in version 26.1 for each platform, and no other specific affected releases are documented in the advisory.

Risk and Exploitability

The CVSS score of 5.5 represents a moderate impact. The EPSS score of less than 1% indicates only a very low probability of active exploitation at present. The vulnerability is not listed in the CISA KEV catalog. A local malicious or poorly behaved application could trigger the memory error, potentially causing a crash or kernel memory corruption. No evidence indicates privilege escalation beyond the described effects.

Generated by OpenCVE AI on April 27, 2026 at 23:02 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade each Apple device to iOS 26.1, iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, or watchOS 26.1 to apply the memory‑handling fix.
  • Limit installation to applications from the Apple App Store or those signed by Apple to reduce the risk of executing code that could trigger the vulnerability.
  • Enable automatic software updates on all Apple devices so that future security patches are applied without manual intervention.

Generated by OpenCVE AI on April 27, 2026 at 23:02 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 27 Apr 2026 23:30:00 +0000

Type Values Removed Values Added
Title Improper Memory Handling Enables Kernel Corruption or Unexpected System Termination on Apple Operating Systems

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Description The issue was addressed with improved memory handling. This issue is fixed in iOS 26.1 and iPadOS 26.1, watchOS 26.1, macOS Tahoe 26.1, visionOS 26.1. An app may be able to cause unexpected system termination or corrupt kernel memory. The issue was addressed with improved memory handling. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, watchOS 26.1. An app may be able to cause unexpected system termination or corrupt kernel memory.

Wed, 17 Dec 2025 21:00:00 +0000

Type Values Removed Values Added
Description The issue was addressed with improved memory handling. This issue is fixed in watchOS 26.1, iOS 26.1 and iPadOS 26.1, visionOS 26.1. An app may be able to cause unexpected system termination or corrupt kernel memory. The issue was addressed with improved memory handling. This issue is fixed in iOS 26.1 and iPadOS 26.1, watchOS 26.1, macOS Tahoe 26.1, visionOS 26.1. An app may be able to cause unexpected system termination or corrupt kernel memory.
References

Tue, 04 Nov 2025 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Apple iphone Os
Weaknesses CWE-787
CPEs cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
Vendors & Products Apple iphone Os

Tue, 04 Nov 2025 17:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-119
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

 cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 04 Nov 2025 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ios
Apple ipados
Apple visionos
Apple watchos
Vendors & Products Apple
Apple ios
Apple ipados
Apple visionos
Apple watchos

Tue, 04 Nov 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 04 Nov 2025 01:45:00 +0000

Type Values Removed Values Added
Description The issue was addressed with improved memory handling. This issue is fixed in watchOS 26.1, iOS 26.1 and iPadOS 26.1, visionOS 26.1. An app may be able to cause unexpected system termination or corrupt kernel memory.
References

Subscriptions

Apple Ios Ipados Iphone Os Visionos Watchos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:26:01.120Z

Reserved: 2025-04-16T15:24:37.125Z

Link: CVE-2025-43447

cve-icon Vulnrichment

Updated: 2025-11-04T15:39:05.456Z

cve-icon NVD

Status : Modified

Published: 2025-11-04T02:15:50.447

Modified: 2026-04-02T19:20:48.490

Link: CVE-2025-43447

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-27T23:15:06Z

Weaknesses