Full Disclosure mailing list archives
APPLE-SA-06-29-2026-2 macOS Tahoe 26.5.2
From: Apple Product Security via Fulldisclosure <fulldisclosure () seclists org>
Date: Mon, 29 Jun 2026 13:28:00 -0700
APPLE-SA-06-29-2026-2 macOS Tahoe 26.5.2

macOS Tahoe 26.5.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/en-us/127595.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

IOGPUFamily
Available for: macOS Tahoe
Impact: An app may be able to cause unexpected system termination
Description: A race condition was addressed with improved state handling.
CVE-2026-43743: Lyutoon, Dun

Kernel
Available for: macOS Tahoe
Impact: An app may be able to cause unexpected system termination or write kernel memory
Description: The issue was addressed with improved input sanitization.
CVE-2026-43724: Hyunwoo Kim (@v4bel)

Kernel
Available for: macOS Tahoe
Impact: An app may be able to leak sensitive kernel state
Description: The issue was addressed with improved input sanitization.
CVE-2026-43722: Feng Xue and XGPT of ThreatBook, Hyunwoo Kim (@v4bel)

Kernel
Available for: macOS Tahoe
Impact: An app may be able to cause unexpected system termination or corrupt kernel memory
Description: This issue was addressed with improved input validation.
CVE-2026-39868: Vladislav Shevchenko (Positive Technologies), Ye Zhang (@VAR10CK) of Baidu Security, Billy Jheng Bing Jhong and Pan Zhenpeng (@Peterpan0927) of STAR Labs SG Pte. Ltd.

libxslt
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an unexpected process crash
Description: A double free issue was addressed with improved memory management.
CVE-2026-43706: Tristan Madani (@TristanInSec) from Talence Security

libxslt
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an unexpected process crash
Description: The issue was addressed with improved memory handling.
CVE-2026-43703: Tristan Madani (@TristanInSec) from Talence Security

Web Extensions
Available for: macOS Tahoe
Impact: A malicious web extension may be able to cause an unexpected process crash
Description: A use-after-free issue was addressed with improved memory management.
WebKit Bugzilla: 314642
CVE-2026-43704: dr3dd

WebKit
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may disclose sensitive user information
Description: A cross-origin issue was addressed with improved tracking of security origins.
WebKit Bugzilla: 315368
CVE-2026-43700: Vitaly Simonovich, Christian Meurer Xavier

WebKit
Available for: macOS Tahoe
Impact: A malicious website may exfiltrate data cross-origin
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 313357
CVE-2026-43735: Merrick Hare, Drinor Selmanaj (Sentry), Khai Tran, John Lussier, Rhyru9, Kwak Kiyong, Song Nuri

WebKit
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an unexpected process crash
Description: A use-after-free issue was addressed with improved memory management.
WebKit Bugzilla: 313693
CVE-2026-43734: Jonathan Alush-Aben
WebKit Bugzilla: 313857
CVE-2026-43726: Josef Korbel (Citadelo), Tristan Madani (@TristanInSec) from Talence Security, Gia Bui (@yabeow) from Calif.io, Narendra Singh (@_3P1C)
WebKit Bugzilla: 314398
CVE-2026-43709
WebKit Bugzilla: 317227
CVE-2026-43699: Tommy DeVoss from Braze Security Team (@thedawgyg)
WebKit Bugzilla: 315161
CVE-2026-43742: Юлия Мерцалова

WebKit
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may disclose sensitive user information
Description: A path handling issue was addressed with improved validation.
WebKit Bugzilla: 313085
CVE-2026-43732: Nan Wang (@eternalsakura13)

WebKit
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to memory corruption
Description: A use-after-free issue was addressed with improved memory management.
WebKit Bugzilla: 314115
CVE-2026-43731: dr3dd
WebKit Bugzilla: 313577
CVE-2026-43715: Milad Nasr and Nicholas Carlini with Claude, Anthropic

WebKit
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash
Description: A use-after-free issue was addressed with improved memory management.
WebKit Bugzilla: 313691
CVE-2026-43727: Tommy DeVoss from Braze Security Team (@thedawgyg), Gia Bui (@yabeow) from Calif.io, Gurpreet Shergill

WebKit
Available for: macOS Tahoe
Impact: A malicious website may be able to process restricted web content outside the sandbox
Description: The issue was addressed with improved input validation.
WebKit Bugzilla: 312832
CVE-2026-43725: Luke Francis

WebKit
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an unexpected process crash
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 312781
CVE-2026-43663: Soyeon Park, Amy Burnett, Khai Tran, sherkito, Kota Toda, HexRabbit (@h3xr4bb1t) and NiNi (@terrynini38514) of DEVCORE Research Team, Using GLM From Z.AI, Tristan Madani (@TristanInSec) from Talence Security, Brian Carpenter
WebKit Bugzilla: 313528
CVE-2026-39872: Utkarsh Pal, Ignacio Sanmillan (@ulexec)
WebKit Bugzilla: 314235
CVE-2026-43712: Kwak Kiyong, Song Nuri, Tristan Madani (@TristanInSec) from Talence Security

WebKit
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 315047
CVE-2026-43716: Tuan and Duc from Calif.io, OpenAI Codex Security - Amy Burnett, Evan Lambert

WebKit
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash
Description: An out-of-bounds access issue was addressed with improved bounds checking.
WebKit Bugzilla: 317231
CVE-2026-43676: Mateusz Krzywicki (iVerify.io), dr3dd, Tommy DeVoss from Braze Security Team (@thedawgyg)

WebKit
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may result in the disclosure of process memory
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 308046
CVE-2026-43740: Nathaniel Oh (@calysteon), Arni Hardarson

WebKit
Available for: macOS Tahoe
Impact: Visiting a website may leak sensitive data
Description: A permissions issue was addressed with additional restrictions.
WebKit Bugzilla: 314806
CVE-2026-43713: Jody Ritonga

WebKit
Available for: macOS Tahoe
Impact: A malicious website may exfiltrate data cross-origin
Description: The issue was addressed with improved input validation.
WebKit Bugzilla: 315306
CVE-2026-43708: Behzad Najjarpour Jabbari (@_G4ru_)

WebKit
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an unexpected process crash
Description: A memory corruption issue was addressed with improved memory handling.
WebKit Bugzilla: 315951
CVE-2026-43707: OpenAI Codex Security - Amy Burnett

WebKit
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to memory corruption
Description: A type confusion issue was addressed with improved checks.
WebKit Bugzilla: 314528
CVE-2026-43705: dr3dd

WebKit
Available for: macOS Tahoe
Impact: A malicious website may be able to process restricted web content outside the sandbox
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 315004
CVE-2026-43701: Aaron Grattafiori - NVIDIA AI Red Team

WebKit
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash
Description: An out-of-bounds write issue was addressed with improved input validation.
WebKit Bugzilla: 315365
CVE-2026-43745: OpenAI Codex Security - Amy Burnett, Khai Tran

WebKit Canvas
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash
Description: A use-after-free issue was addressed with improved memory management.
WebKit Bugzilla: 313175
CVE-2026-43720: Gia Bui (@yabeow) from Calif.io, Josef Korbel

WebKit Storage
Available for: macOS Tahoe
Impact: A malicious website may be able to silently hijack clipboard data
Description: This issue was addressed through improved state management.
WebKit Bugzilla: 313478
CVE-2026-43721: Idan Masas

WebRTC
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an unexpected process crash
Description: An out-of-bounds access issue was addressed with improved bounds checking.
WebKit Bugzilla: 317324
CVE-2026-28979

WebRTC
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash
Description: A stack overflow was addressed with improved input validation.
WebKit Bugzilla: 313350
CVE-2026-43718: Nan Wang (@eternalsakura13)

WebRTC
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash
Description: A use-after-free issue was addressed with improved memory management.
WebKit Bugzilla: 313351
CVE-2026-43717: Nan Wang (@eternalsakura13)
WebKit Bugzilla: 314090
CVE-2026-43746: dr3dd

Additional recognition

libxslt
We would like to acknowledge Kubilay Berk Alkan for their assistance.

WebKit
We would like to acknowledge Henock Habte, Souta Sugiyama for their assistance.

WebKit JavaScript Bindings
We would like to acknowledge Karan Kurani for their assistance.

macOS Tahoe 26.5.2 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://support.apple.com/downloads/

All information is also posted on the Apple Security Releases
web site: https://support.apple.com/100100.

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/
Current thread:
- APPLE-SA-06-29-2026-2 macOS Tahoe 26.5.2 Apple Product Security via Fulldisclosure (Jul 02)
