Description
This issue was addressed with improved input validation. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. An app may be able to cause unexpected system termination or corrupt kernel memory.
Published: 2026-06-29
Score: n/a
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is caused by insufficient input validation in Apple operating systems, allowing an application to trigger unexpected system termination or corrupt kernel memory. The description indicates that the flaw exists until the applied OS update, and that the immediate effect is an unstable or crashed system.

Affected Systems

Apple iOS, iPadOS, and macOS Tahoe devices running versions earlier than 26.5.2 are affected. The fix is delivered in the 26.5.2 releases for each platform.

Risk and Exploitability

The CVSS score is not available, and the EPSS score is not provided. The vulnerability is not listed in the CISA KEV catalog. An attacker would likely need to install or run a malicious or compromised application on the target device to exploit the flaw, as indicated by the description. The risk is limited to local exploitation of the compromised application, with the potential outcome of system instability or kernel memory corruption. No evidence in the description suggests escalation of privileges or remote exploitation.

Generated by OpenCVE AI on June 29, 2026 at 22:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade iOS, Tahoe to version 26.5.2 or later, which contains the input‑validation fixes.
  • Install applications only from trusted sources, such as the App Store, to avoid malicious or compromised apps that could trigger the flaw.
  • Disable developer mode on the device to reduce exposure to kernel‑level exploitation.

Generated by OpenCVE AI on June 29, 2026 at 22:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 29 Jun 2026 22:45:00 +0000

Type Values Removed Values Added
Title Kernel Memory Corruption and System Termination Vulnerability in Apple iOS, iPadOS, and macOS
Weaknesses CWE-119
CWE-122

Mon, 29 Jun 2026 20:15:00 +0000

Type Values Removed Values Added
Description This issue was addressed with improved input validation. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. An app may be able to cause unexpected system termination or corrupt kernel memory.
References

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-06-29T19:43:11.341Z

Reserved: 2026-04-07T19:58:20.173Z

Link: CVE-2026-39868

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-29T22:30:05Z

Weaknesses
  • CWE-119

    Improper Restriction of Operations within the Bounds of a Memory Buffer

  • CWE-122

    Heap-based Buffer Overflow