Denial-of-Service Vulnerability in Apple iOS and iPadOS Products
CVE-2026-28967

Currently unrated

Key Information:

Vendor: Apple
Status: iOS And iPad OS
Vendor: CVE Published:; 11 May 2026

What is CVE-2026-28967?

A denial-of-service (DoS) vulnerability was identified in Apple's iOS and iPadOS, enabling attackers with privileged access to potentially disrupt service availability. This issue arises from inadequate input validation mechanisms, allowing malicious actors to exploit the flaw. The vulnerability has been addressed in the latest software updates, namely iOS 18.7.7, iPadOS 18.7.7, iOS 26.4, and iPadOS 26.4, emphasizing the importance of keeping systems updated to mitigate potential risks.

Affected Version(s)

iOS and iPadOS 0 < 18.7.7

iOS and iPadOS 0 < 26.4

References

https://support.apple.com/en-us/126792

https://support.apple.com/en-us/126793

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 11, 2026
Vulnerability Reserved
Mar 3, 2026

CVE-2026-28967 Data

JSON