Full Disclosure mailing list archives
APPLE-SA-06-29-2026-1 iOS 26.5.2 and iPadOS 26.5.2
From: Apple Product Security via Fulldisclosure <fulldisclosure () seclists org>
Date: Mon, 29 Jun 2026 13:27:27 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-06-29-2026-1 iOS 26.5.2 and iPadOS 26.5.2

iOS 26.5.2 and iPadOS 26.5.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/en-us/127594.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

IOGPUFamily
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to cause unexpected system termination
Description: A race condition was addressed with improved state handling.
CVE-2026-43743: Lyutoon, Dun

Kernel
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to cause unexpected system termination or write kernel memory
Description: The issue was addressed with improved input sanitization.
CVE-2026-43724: Hyunwoo Kim (@v4bel)

Kernel
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to leak sensitive kernel state
Description: The issue was addressed with improved input sanitization.
CVE-2026-43722: Feng Xue and XGPT of ThreatBook, Hyunwoo Kim (@v4bel)

Kernel
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: An app may be able to cause unexpected system termination or corrupt kernel memory
Description: This issue was addressed with improved input validation.
CVE-2026-39868: Vladislav Shevchenko (Positive Technologies), Ye Zhang (@VAR10CK) of Baidu Security, Billy Jheng Bing Jhong and Pan Zhenpeng (@Peterpan0927) of STAR Labs SG Pte. Ltd.

libxslt
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to an unexpected process crash
Description: A double free issue was addressed with improved memory management.
CVE-2026-43706: Tristan Madani (@TristanInSec) from Talence Security

libxslt
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to an unexpected process crash
Description: The issue was addressed with improved memory handling.
CVE-2026-43703: Tristan Madani (@TristanInSec) from Talence Security

Web Extensions
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: A malicious web extension may be able to cause an unexpected process crash
Description: A use-after-free issue was addressed with improved memory management.
WebKit Bugzilla: 314642
CVE-2026-43704: dr3dd

WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may disclose sensitive user information
Description: A cross-origin issue was addressed with improved tracking of security origins.
WebKit Bugzilla: 315368
CVE-2026-43700: Vitaly Simonovich, Christian Meurer Xavier

WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: A malicious website may exfiltrate data cross-origin
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 313357
CVE-2026-43735: Merrick Hare, Drinor Selmanaj (Sentry), Khai Tran, John Lussier, Rhyru9, Kwak Kiyong, Song Nuri

WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to an unexpected process crash
Description: A use-after-free issue was addressed with improved memory management.
WebKit Bugzilla: 313693
CVE-2026-43734: Jonathan Alush-Aben
WebKit Bugzilla: 313857
CVE-2026-43726: Josef Korbel (Citadelo), Tristan Madani (@TristanInSec) from Talence Security, Gia Bui (@yabeow) from Calif.io, Narendra Singh (@_3P1C)
WebKit Bugzilla: 314398
CVE-2026-43709
WebKit Bugzilla: 317227
CVE-2026-43699: Tommy DeVoss from Braze Security Team (@thedawgyg)
WebKit Bugzilla: 315161
CVE-2026-43742: Юлия Мерцалова

WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may disclose sensitive user information
Description: A path handling issue was addressed with improved validation.
WebKit Bugzilla: 313085
CVE-2026-43732: Nan Wang (@eternalsakura13)

WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to memory corruption
Description: A use-after-free issue was addressed with improved memory management.
WebKit Bugzilla: 314115
CVE-2026-43731: dr3dd
WebKit Bugzilla: 313577
CVE-2026-43715: Milad Nasr and Nicholas Carlini with Claude, Anthropic

WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash
Description: A use-after-free issue was addressed with improved memory management.
WebKit Bugzilla: 313691
CVE-2026-43727: Tommy DeVoss from Braze Security Team (@thedawgyg), Gia Bui (@yabeow) from Calif.io, Gurpreet Shergill

WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: A malicious website may be able to process restricted web content outside the sandbox
Description: The issue was addressed with improved input validation.
WebKit Bugzilla: 312832
CVE-2026-43725: Luke Francis

WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to an unexpected process crash
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 312781
CVE-2026-43663: Soyeon Park, Amy Burnett, Khai Tran, sherkito, Kota Toda, HexRabbit (@h3xr4bb1t) and NiNi (@terrynini38514) of DEVCORE Research Team, Using GLM From Z.AI, Tristan Madani (@TristanInSec) from Talence Security, Brian Carpenter
WebKit Bugzilla: 313528
CVE-2026-39872: Utkarsh Pal, Ignacio Sanmillan (@ulexec)
WebKit Bugzilla: 314235
CVE-2026-43712: Kwak Kiyong, Song Nuri, Tristan Madani (@TristanInSec) from Talence Security

WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 315047
CVE-2026-43716: Tuan and Duc from Calif.io, OpenAI Codex Security - Amy Burnett, Evan Lambert

WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash
Description: An out-of-bounds access issue was addressed with improved bounds checking.
WebKit Bugzilla: 317231
CVE-2026-43676: Mateusz Krzywicki (iVerify.io), dr3dd, Tommy DeVoss from Braze Security Team (@thedawgyg)

WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may result in the disclosure of process memory
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 308046
CVE-2026-43740: Nathaniel Oh (@calysteon), Arni Hardarson

WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: Visiting a website may leak sensitive data
Description: A permissions issue was addressed with additional restrictions.
WebKit Bugzilla: 314806
CVE-2026-43713: Jody Ritonga

WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: A malicious website may exfiltrate data cross-origin
Description: The issue was addressed with improved input validation.
WebKit Bugzilla: 315306
CVE-2026-43708: Behzad Najjarpour Jabbari (@_G4ru_)

WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to an unexpected process crash
Description: A memory corruption issue was addressed with improved memory handling.
WebKit Bugzilla: 315951
CVE-2026-43707: OpenAI Codex Security - Amy Burnett

WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to memory corruption
Description: A type confusion issue was addressed with improved checks.
WebKit Bugzilla: 314528
CVE-2026-43705: dr3dd

WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: A malicious website may be able to process restricted web content outside the sandbox
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 315004
CVE-2026-43701: Aaron Grattafiori - NVIDIA AI Red Team

WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash
Description: An out-of-bounds write issue was addressed with improved input validation.
WebKit Bugzilla: 315365
CVE-2026-43745: OpenAI Codex Security - Amy Burnett, Khai Tran

WebKit Canvas
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash
Description: A use-after-free issue was addressed with improved memory management.
WebKit Bugzilla: 313175
CVE-2026-43720: Gia Bui (@yabeow) from Calif.io, Josef Korbel

WebKit Storage
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: A malicious website may be able to silently hijack clipboard data
Description: This issue was addressed through improved state management.
WebKit Bugzilla: 313478
CVE-2026-43721: Idan Masas

WebRTC
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to an unexpected process crash
Description: An out-of-bounds access issue was addressed with improved bounds checking.
WebKit Bugzilla: 317324
CVE-2026-28979

WebRTC
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash
Description: A stack overflow was addressed with improved input validation.
WebKit Bugzilla: 313350
CVE-2026-43718: Nan Wang (@eternalsakura13)

WebRTC
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash
Description: A use-after-free issue was addressed with improved memory management.
WebKit Bugzilla: 313351
CVE-2026-43717: Nan Wang (@eternalsakura13)
WebKit Bugzilla: 314090
CVE-2026-43746: dr3dd

Additional recognition

libxslt
We would like to acknowledge Kubilay Berk Alkan for their assistance.

WebKit
We would like to acknowledge Henock Habte, Souta Sugiyama for their assistance.

WebKit JavaScript Bindings
We would like to acknowledge Karan Kurani for their assistance.

This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/

iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device.

The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device.

To check that the iPhone, iPod touch, or iPad has been updated:

* Navigate to Settings
* Select General
* Select About.
The version after applying this update will be "iOS 26.5.2 and iPadOS 26.5.2".

All information is also posted on the Apple Security Releases web site: https://support.apple.com/100100.

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
