Skip to main content
Mallory
Mallory

Apple Security Updates Address Multiple Vulnerabilities Including an In-the-Wild Exploited Memory Corruption Flaw

security updatesmemory corruptionmacoszero-dayapplebuffer overflowvulnerabilityremote code executionin-the-wildwatchossensitive informationsecurity bypassipadoslocked devicecrafted packets
Updated February 13, 2026 at 04:03 AM2 sources
Apple Security Updates Address Multiple Vulnerabilities Including an In-the-Wild Exploited Memory Corruption Flaw

Get Ahead of Threats Like This

Know if you're exposed — before adversaries strike.

Apple issued security updates across its ecosystem to address multiple vulnerabilities affecting iOS, iPadOS, macOS, tvOS, watchOS, and visionOS, with impacts including remote code execution (RCE), denial of service, elevation of privilege, information disclosure, data manipulation, and security restriction bypass. HKCERT highlighted CVE-2026-20700 as a high-risk issue and noted it is being exploited in the wild; the flaw is described as an improper restriction of operations within the bounds of a memory buffer that could allow arbitrary code execution when an attacker has memory-write capability.

Apple’s iOS 26.3 and iPadOS 26.3 security content includes fixes for issues that could expose sensitive information on a locked device (e.g., CVE-2026-20645 and CVE-2026-20674) and a Bluetooth-related denial-of-service condition where a privileged network attacker could trigger DoS using crafted packets (CVE-2026-20650). The updates apply to iPhone 11 and later and a range of supported iPad models, and Apple reiterated its policy of publishing details after patches are available.

Related Entities

Vulnerabilities

Sensitive data access via environment variable handling in Apple CoreServices (CVE-2026-20627)Out-of-bounds memory access in ANGLE (LibANGLE) Metal renderer in Google Chrome on macOS (CVE-2025-14174)WebKit use-after-free leading to code execution (CVE-2025-43529) (CVE-2025-43529)iOS/iPadOS LaunchServices logging sanitization flaw enabling installed-app enumeration (CVE-2026-20663)Excessive memory allocation DoS in libexpat (Expat) before 2.7.2 (CVE-2025-59375)DoS in Apple Bluetooth via crafted packets (privileged network position) (CVE-2026-20650)Sandbox bypass via symlink race condition in Apple Messages (Shortcuts) (CVE-2026-20677)Sandbox escape in Apple libxpc (CVE-2026-20667) (CVE-2026-20667)Sensitive screenshot exposure during iPhone Mirroring in iOS/iPadOS (UI state management) (CVE-2026-20640)Out-of-bounds access in Apple CoreAudio media file processing (CVE-2026-20611) (CVE-2026-20611)Lock-screen information disclosure via inconsistent UI state management in iOS/iPadOS Accessibility (CVE-2026-20645)Privacy preferences bypass in Apple UIKit (CVE-2026-20606) (CVE-2026-20606)Locked-device sensitive information disclosure in iOS/iPadOS Accessibility (CVE-2026-20674)iOS/iPadOS VoiceOver lock-screen authorization bypass via state management (CVE-2026-20661)CoreMedia memory handling issue leading to DoS / memory disclosure via crafted file (CVE-2026-20609)Lock screen photo access via input validation issue in iOS/iPadOS Photos (CVE-2026-20642)Sandbox permissions issue leading to sandbox escape in Apple Sandbox (CVE-2026-20628)Kernel memory-handling DoS in Apple OSes (CVE-2026-20654) (CVE-2026-20654)Process memory disclosure in Apple ImageIO via crafted image parsing (CVE-2026-20634)Installed-app enumeration privacy issue in Apple StoreKit (CVE-2026-20641)Sensitive information disclosure via insufficient log redaction in Apple Game Center (CVE-2026-20649)Local Privilege Escalation to root in Apple CoreServices (race condition) (CVE-2026-20617)CVE-2026-20626Sensitive data exposure via Spotlight app-state observability (CVE-2026-20680) (CVE-2026-20680)Information disclosure in iOS/iPadOS Screenshots allows discovery of deleted Notes (CVE-2026-20682)WebKit state management issue leading to process crash (Apple platforms / Safari 26.3) (CVE-2026-20608)Information disclosure in Apple ImageIO via crafted image (bounds check issue) (CVE-2026-20675)CoreServices path-handling LPE to root (Apple platforms) (CVE-2026-20615)Sensitive data access via directory-path parsing in Apple Shortcuts (CVE-2026-20653)User tracking via Safari Web Extensions in WebKit (Apple Safari / iOS / macOS) (CVE-2026-20676)

Organizations

Apple

Affected Products

Ios

Sources

cert hk security advisories
Apple Products Multiple Vulnerabilities
February 13, 2026 at 12:00 AM
apple support
About the security content of iOS 26.3 and iPadOS 26.3 - Apple Support
February 11, 2026 at 12:00 AM

Related Stories

Apple Patches Actively Exploited dyld Zero-Day in iOS and Other Platforms

Apple Patches Actively Exploited dyld Zero-Day in iOS and Other Platforms

Apple released security updates to address an **actively exploited zero-day** tracked as **CVE-2026-20700**, warning it may have been used in an “extremely sophisticated” attack targeting specific individuals on versions of iOS prior to *iOS 26*. The flaw affects **`dyld` (Apple’s dynamic linker)** and can allow **arbitrary code execution** when an attacker already has **memory write** capability; reporting attributes discovery to **Google’s Threat Analysis Group** and notes it may have been used as part of an exploit chain. Apple shipped fixes across its ecosystem, including *iOS 26.3*, *iPadOS 26.3*, *macOS Tahoe 26.3*, *watchOS 26.3*, *tvOS 26.3*, and *visionOS 26.3*. The same reporting indicates Apple also issued patches tied to the broader report for **CVE-2025-14174** (an out-of-bounds memory access issue in Chrome’s **ANGLE** graphics component on Mac) and **CVE-2025-43529** (a **use-after-free** leading to code execution), and commentary from security practitioners emphasized that enterprise risk is driven by **patch deployment speed**—particularly where updates rely on end users rather than enforced device management.

1 months ago
Apple iOS/iPadOS Security Updates and CVE Fixes Across Multiple Releases

Apple iOS/iPadOS Security Updates and CVE Fixes Across Multiple Releases

Apple published security advisories detailing vulnerability fixes across multiple iOS and iPadOS versions, including iOS/iPadOS **16.7**, **17.2**, **18.1**, **18.3**, **26.1**, and **26.2**. The advisories describe a range of impacts such as sandbox escapes (including Web Content sandbox breakout), privacy issues where apps could access or expose sensitive user data via insufficient log redaction, file-system modification via temporary-file handling, and memory-safety flaws (e.g., out-of-bounds reads, type confusion, and bounds-checking issues) that could lead to crashes or memory corruption. Apple attributes fixes to changes like improved protocol handling, cache handling, input validation, and additional permission restrictions, and references issues by **CVE** where available. Several advisories also highlight device-state and authentication/logic weaknesses: iOS/iPadOS 18.3 includes a case where an attacker with physical access to an **unlocked** device could access Photos while the app is locked (`CVE-2025-24141`), while iOS/iPadOS 18.1 includes a lock-screen exposure issue (`CVE-2024-44274`) and a Shortcuts-related path-handling flaw that could allow arbitrary shortcut execution without user consent (`CVE-2024-44255`). The iOS/iPadOS 26.x advisories include privacy and permission issues (e.g., identifying installed apps, screenshots of sensitive embedded views), potential kernel memory corruption/system termination conditions, and logic/UI issues affecting security posture (e.g., passcode requirement timing after Face ID enrollment restore scenarios and potential FaceTime caller ID spoofing), with multiple findings credited to external researchers and teams (including Google Project Zero, ByteDance IES Red Team, and others).

1 months ago

Apple Releases Security Updates Addressing Over 100 Vulnerabilities Across Multiple Platforms

Apple released a comprehensive set of security updates for its major operating systems and applications, including iOS 26.1, iPadOS 26.1, macOS Tahoe 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, tvOS 26.1, watchOS 26.1, visionOS 26.1, Safari 26.1, and Xcode 26.1. The updates address 110 vulnerabilities, several of which involve memory corruption issues in components such as ImageIO, FontParser, and WebKit, potentially allowing remote code execution. Other vulnerabilities could allow unauthorized access to sensitive user data through components like Spotlight, CoreMedia, MallocStackLogging, Admin Framework, sudo, Security, SoftwareUpdate, and AppleMobile. None of the vulnerabilities were reported as actively exploited at the time of release, and Apple provided limited technical details in its advisories. Security authorities, including the Canadian Centre for Cyber Security, have urged users and administrators to promptly apply these updates to mitigate potential risks. The updates are considered routine but critical, given the breadth of affected products and the potential impact of the vulnerabilities. Users are advised to review Apple's official security update documentation and ensure all devices are updated to the latest versions to maintain security and privacy protections.

4 months ago

Get Ahead of Threats Like This

Mallory continuously monitors global threat intelligence and correlates it with your attack surface. Know if you're exposed — before adversaries strike.