CVE-2026-28990 — Vulnetix

Try Vulnetix Request Demo

CVE-2026-28990 PUBLISHED

The issue was addressed with improved memory handling. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing a maliciously crafted image may corrupt process memory.

Affected Products

Vendor	Product	Versions
Apple	iOS and iPadOS	0
Apple	tvOS	0
Apple	macOS	0, 0, 0
Apple	watchOS	0
Apple	visionOS	0

Timeline

May 11, 2026 CVE Published
May 12, 2026 Security Advisory

References

https://support.apple.com/en-us/127110 url
https://support.apple.com/en-us/127115 url
https://support.apple.com/en-us/127116 url
https://support.apple.com/en-us/127117 url
https://support.apple.com/en-us/127118 url
https://support.apple.com/en-us/127119 url
https://support.apple.com/en-us/127120 url
https://nvd.nist.gov/vuln/detail/CVE-2026-28990 advisory
https://support.apple.com/en-us/127114 advisory
https://support.apple.com/en-us/127111 advisory
https://support.apple.com/en-us/127113 advisory
https://support.apple.com/en-us/127112 advisory

Open in Interactive Console →