Description
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to cause a denial-of-service.
Published: 2026-05-11
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

This vulnerability is caused by an out-of-bounds read in Apple operating system components. The bug was fixed by adding improved bounds checking. An application that triggers the flaw can read memory beyond its bounds, which can cause the operating system or a service to crash. The only confirmed impact is a denial-of-service scenario; there is no indication that the flaw leads to data disclosure or arbitrary code execution.

Affected Systems

Apple’s iOS, iPadOS, macOS, tvOS, visionOS, and watchOS are affected. All versions released prior to 26.5 contain the flaw. Apple has released a patch in iOS 26.5, iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, and watchOS 26.5 that addresses the issue.

Risk and Exploitability

The CVSS score of 7.5 indicates a high impact on availability, and the EPSS score of less than 1% suggests a very low but nonzero probability of exploitation. The vulnerability is not listed in the CISA KEV catalog. Based on the description, the attack vector is likely local: a user must install or run a malicious or compromised application that triggers the out-of‑bounds read. If exploited, the attacker can force a crash, resulting in a denial of service on the affected device. Because the flaw does not enable privilege escalation or data leakage, the overall risk is moderate, but the impact on availability is significant for systems that rely on continuous operation.

Generated by OpenCVE AI on May 12, 2026 at 20:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade all Apple devices to iOS, iPadOS, macOS, tvOS, visionOS, and watchOS version 26.5 or later, which includes the bounds‑checking fix.
  • Remove or update any third‑party application that may trigger the out-of-bounds read to prevent the crash from occurring.
  • Continuously monitor system logs and App Store activity for repeated crashes or denial-of-service events and investigate any suspicious applications.
  • Keep macOS security updates for the macOS Tahoe component applied promptly to close this vulnerability on Apple desktops and servers.

Generated by OpenCVE AI on May 12, 2026 at 20:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 12 May 2026 20:45:00 +0000

Type Values Removed Values Added
Title Out-of-Bounds Read Leading to Denial of Service in Apple Operating Systems

Tue, 12 May 2026 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 12 May 2026 18:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-125
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

Mon, 11 May 2026 23:30:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ios And Ipados
Apple macos
Apple tvos
Apple visionos
Apple watchos
Vendors & Products Apple
Apple ios And Ipados
Apple macos
Apple tvos
Apple visionos
Apple watchos

Mon, 11 May 2026 22:45:00 +0000

Type Values Removed Values Added
Title Out-of-Bounds Read Leading to Denial of Service in Apple Operating Systems
Weaknesses CWE-787

Mon, 11 May 2026 20:45:00 +0000

Type Values Removed Values Added
Description An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to cause a denial-of-service.
References

Subscriptions

Apple Ios And Ipados Macos Tvos Visionos Watchos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-05-12T17:24:25.187Z

Reserved: 2026-03-03T16:36:03.995Z

Link: CVE-2026-28991

cve-icon Vulnrichment

Updated: 2026-05-12T17:24:20.546Z

cve-icon NVD

Status : Undergoing Analysis

Published: 2026-05-11T21:18:59.017

Modified: 2026-05-12T18:16:49.800

Link: CVE-2026-28991

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-12T20:30:23Z

Weaknesses