CVE-2026-28967

MEDIUM | Platform: iOS | Changelog

CVE Details

Description

A denial-of-service issue was addressed with improved input validation. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4. An attacker in a privileged network position may be able to cause a denial-of-service.

CVSS 3.1 Score

Metric	Value
Base Score	4.9 (MEDIUM)
Vector	`CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H`

Weakness

CWE-400

References

Apple Security Advisory
NVD Entry
https://support.apple.com/en-us/126793 (Release Notes, Vendor Advisory)