CVE-2026-39870 | THREATINT

Description

The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. Processing a maliciously crafted image may corrupt process memory.

PUBLISHED Reserved 2026-04-07 | Published 2026-05-11 | Updated 2026-05-11 | Assigner apple

Problem types

Processing a maliciously crafted image may corrupt process memory

Product status

Any version before 14.8.7

affected

Any version before 15.7.7

affected

Any version before 26.5

affected

References

support.apple.com/en-us/127115

support.apple.com/en-us/127116

support.apple.com/en-us/127117

cve.org (CVE-2026-39870)

nvd.nist.gov (CVE-2026-39870)

Download JSON