Home

Description

A resource exhaustion issue was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.4 and iPadOS 26.4. A remote attacker may be able to cause a denial-of-service.

PUBLISHED Reserved 2026-03-03 | Published 2026-05-11 | Updated 2026-05-11 | Assigner apple

Problem types

A remote attacker may be able to cause a denial-of-service

Product status

Any version before 18.7.9
affected

Any version before 26.4
affected

References

support.apple.com/en-us/126792

support.apple.com/en-us/127111

cve.org (CVE-2026-28872)

nvd.nist.gov (CVE-2026-28872)

Download JSON