Apple on Monday introduced the discharge of main iOS and macOS platform updates with fixes for a complete of greater than 50 vulnerabilities.
iOS 26 and iPadOS 26 have been launched for the newest era iPhone and iPad gadgets with fixes for 27 distinctive CVEs that would result in reminiscence corruption, info disclosure, crashes, and sandbox escapes.
WebKit obtained the most important variety of fixes, at 5, for safety defects that would result in course of crashes, Safari crashes, or might enable web sites to entry sensor info with out consent.
The iOS replace additionally fixes vulnerabilities in Apple Neural Engine, Bluetooth, CoreAudio, CoreMedia, Kernel, Safari, Sandbox, Siri, System, and a dozen different elements.
Apple launched macOS Tahoe 26 with patches for 38 distinctive CVEs, together with 11 that have been resolved in iOS 26 and iPadOS 26 as nicely.
Essentially the most affected elements embrace WebKit, which obtained fixes for 5 bugs, AppleMobileFileIntegrity and SharedFileList with patches for 4 points every, and Bluetooth and Sandbox with fixes for 3 flaws every.
Different elements that obtained patches embrace AppKit, AppSandbox, ATS, CoreMedia, CoreServices, FaceTime, Basis, GPU Driver, ImageIO, Notification Middle, RemoteViewServices, Safety Initialization, Highlight, and StorageKit.
On Monday, Apple additionally launched iOS 18.7 and iPadOS 18.7 with fixes for 12 safety defects, and rolled out iOS 16.7.12, iPadOS 16.7.12, iOS 15.8.5, and iPadOS 15.8.5 with patches for CVE-2025-43300, an ImageIO flaw exploited in assaults focusing on WhatsApp customers. Apple launched the primary patches for the vulnerability on August 20. Commercial. Scroll to proceed studying.
The Cupertino tech firm delivered hefty units of patches for macOS Sequoia 15.7 and macOS Sonoma 14.8, and launched tvOS 26, watchOS 26, and visionOS 26 with patches for practically two dozen vulnerabilities every.
Safari 26 was rolled out with fixes for seven safety defects, whereas Xcode 26 arrived with patches for 5 bugs.
Except for CVE-2025-43300, Apple makes no point out of any of the resolved vulnerabilities being exploited within the wild. Extra info might be discovered on the corporate’s safety releases web page.
Associated: Samsung Patches Zero-Day Exploited Towards Android Customers
Associated: Cost System Vendor Took 12 months+ to Patch Infinite Card Prime-Up Hack: Safety Agency
Associated: Essential Chrome Vulnerability Earns Researcher $43,000
Associated: Extremely Widespread NPM Packages Poisoned in New Provide Chain Assault
