Description
The issue was addressed with improved memory handling. This issue is fixed in iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2, Safari 17.2, iOS 16.7.15 and iPadOS 16.7.15, iOS 15.8.7 and iPadOS 15.8.7. Processing maliciously crafted web content may lead to memory corruption.
References (6)
Core 6
Core References
Vendor Advisory
https://support.apple.com/en-us/120300
Vendor Advisory
https://support.apple.com/en-us/120877
Vendor Advisory
https://support.apple.com/en-us/120879
Vendor Advisory
https://support.apple.com/en-us/126632
Vendor Advisory
https://support.apple.com/en-us/126646
Mailing List
http://seclists.org/fulldisclosure/2026/Mar/1
Scores
CVSS v3
8.8
EPSS
0.0006
EPSS Percentile
18.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-787
Status
published
Products (9)
Apple/iOS and iPadOS
unspecified - 15.8.7
Apple/iOS and iPadOS
unspecified - 16.7.15
Apple/iOS and iPadOS
unspecified - 17.2
apple/ipados
< 15.8.7
apple/iphone_os
< 15.8.7
apple/macos
< 14.2
Apple/macOS
unspecified - 14.2
apple/safari
< 17.2
Apple/Safari
unspecified - 17.2
Published
Mar 12, 2026
Tracked Since
Mar 12, 2026