CVE-2026-20616
HIGH
iPadOS < 18.7.5 - Out-of-bounds Write via USD File Processing
Title source: llm
Description
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. Processing a maliciously crafted USD file may lead to unexpected app termination.
References (5)
Core References
Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-26-176/
Release Notes, Vendor Advisory
https://support.apple.com/en-us/126347
Release Notes, Vendor Advisory
https://support.apple.com/en-us/126348
Release Notes, Vendor Advisory
https://support.apple.com/en-us/126350
Release Notes, Vendor Advisory
https://support.apple.com/en-us/126353
Scores
CVSS v3
8.8
EPSS
0.0007
EPSS Percentile
21.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-787
Status
published
Products (12)
Apple/iOS and iPadOS
< 18.7.5
Apple/iOS and iPadOS
unspecified - 18.7
apple/ipados
< 18.7.5
apple/iphone_os
< 18.7.5
Apple/macOS
< 14.8.4
Apple/macOS
< 26.3
apple/macos
14.0 - 14.8.4
Apple/macOS
unspecified - 14.8
Apple/macOS
unspecified - 26.3
apple/visionos
< 26.3
... and 2 more
Published
Feb 11, 2026
Tracked Since
Feb 18, 2026