Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Apple Devices

Source: The Hacker News

Apple on Wednesday released iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS updates to address a zero‑day flaw that has been exploited in sophisticated cyber attacks.

Vulnerability details

The vulnerability, tracked as CVE‑2026‑20700 (CVSS score: N/A), is a memory‑corruption issue in dyld, Apple’s Dynamic Link Editor. Successful exploitation could allow an attacker with memory‑write capability to execute arbitrary code on affected devices. The Google Threat Analysis Group (TAG) discovered and reported the bug.

Apple’s advisory notes:

“Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26.”

In the same advisory, Apple referenced two earlier CVEs that were also issued in response to the report:

• CVE‑2025‑14174 – an out‑of‑bounds memory access in ANGLE’s Metal renderer (CVSS 8.8).
• CVE‑2025‑43529 – a use‑after‑free vulnerability in WebKit that could lead to arbitrary code execution when processing malicious web content (CVSS 8.8).

Both CVEs were addressed by Apple in December 2025.

Affected devices and updates

The new updates are available for the following operating‑system versions and devices:

• iOS 26.3 and iPadOS 26.3 – iPhone 11 and later; iPad Pro 12.9‑inch 3rd gen and later; iPad Pro 11‑inch 1st gen and later; iPad Air 3rd gen and later; iPad 8th gen and later; iPad mini 5th gen and later.
• macOS Tahoe 26.3 – Macs running macOS Tahoe.
• tvOS 26.3 – Apple TV HD and Apple TV 4K (all models).
• watchOS 26.3 – Apple Watch Series 6 and later.
• visionOS 26.3 – Apple Vision Pro (all models).

Additional updates for older versions

Apple also released patches for several older releases:

• iOS 18.7.5 and iPadOS 18.7.5 – iPhone XS, iPhone XS Max, iPhone XR, iPad 7th gen.
• macOS Sequoia 15.7.4 – Macs running macOS Sequoia.
• macOS Sonoma 14.8.4 – Macs running macOS Sonoma.
• Safari 26.3 – Safari on macOS Sonoma and macOS Sequoia.

Context and history

With these releases, Apple has addressed its first actively exploited zero‑day vulnerability in 2026. In the previous year, the company patched nine zero‑day flaws that were observed being exploited in the wild.