Input Validation Flaw in Apple Products Allows Process Crash
CVE-2026-28917

Currently unrated

Key Information:

Vendor: Apple
Status: iOS And iPad OS; Mac OS; TV OS; Visionos
Vendor: CVE Published:; 11 May 2026

What is CVE-2026-28917?

An input validation vulnerability has been identified in various Apple products, which, when exploited through maliciously crafted web content, can lead to unexpected process crashes. Apple has addressed the issue in the latest versions of its operating systems, including iOS, iPadOS, macOS, tvOS, visionOS, and watchOS. Users are encouraged to update their devices promptly to mitigate any potential risks associated with this vulnerability.

Affected Version(s)

iOS and iPadOS 0 < 18.7.9

iOS and iPadOS 0 < 26.5

macOS 0 < 26.5

References

https://support.apple.com/en-us/127110

https://support.apple.com/en-us/127111

https://support.apple.com/en-us/127115

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 11, 2026
Vulnerability Reserved
Mar 3, 2026

CVE-2026-28917 Data

JSON