GHSA-9hp7-89x8-v65v

GHSA-9hp7-89x8-v65v PUBLISHED CVSS 7.5 HIGH

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 26.4 and iPadOS 26.4. A remote attacker may be able to cause a denial-of-service.

Risk Scores

CVSS 3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploit Intelligence

ios_v2_generated.go (github-poc)
ios_v1_generated.go (github-poc)

Timeline

Mar 25, 2026 CVE Published
Mar 25, 2026 CVE Updated
Apr 10, 2026 Security Advisory

References

https://nvd.nist.gov/vuln/detail/CVE-2026-28875 advisory
https://support.apple.com/en-us/126792 url

Open in Interactive Console →