CVE-2026-43661

Description

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. Processing a maliciously crafted image may corrupt process memory.

PUBLISHED Reserved 2026-05-01 | Published 2026-05-11 | Updated 2026-05-11 | Assigner apple

Problem types

Processing a maliciously crafted image may corrupt process memory

Product status

References

support.apple.com/en-us/127110

support.apple.com/en-us/127115

support.apple.com/en-us/127118

support.apple.com/en-us/127119

cve.org (CVE-2026-43661)

nvd.nist.gov (CVE-2026-43661)

Download JSON