CVE-2026-20687

HIGH

Apple Ios And Ipados < 18.7.7 - Denial of Service

Title source: rule

Description

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, watchOS 26.4. An app may be able to cause unexpected system termination or write kernel memory.

Exploits (3)

nomisec WORKING POC 30 stars

by zeroxjf · poc

https://github.com/zeroxjf/CVE-2026-20687-AppleSEPKeyStore-UAF

View Code ZIP pw:eip

nomisec WRITEUP 14 stars

by zeroxjf · poc

https://github.com/zeroxjf/CVE-2026-20687-AppleJPEGDriver-UAF

View Code ZIP pw:eip

nomisec WRITEUP

by enfilade-labs · poc

https://github.com/enfilade-labs/CVE-2026-20687-AppleJPEGDriver-UAF

View Code ZIP pw:eip

References (6)

https://support.apple.com/en-us/126792

https://support.apple.com/en-us/126793

https://support.apple.com/en-us/126794

https://support.apple.com/en-us/126795

https://support.apple.com/en-us/126797

https://support.apple.com/en-us/126798

Scores

CVSS v3 7.1

EPSS 0.0001

EPSS Percentile 1.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

Details

CWE

CWE-416

Status published

Products (11)

Apple/iOS and iPadOS < 18.7.7

Apple/iOS and iPadOS < 26.4

apple/ipados < 18.7.7

apple/iphone_os < 18.7.7

Apple/macOS < 15.7.5

Apple/macOS < 26.4

apple/macos 15.0 - 15.7.5

Apple/tvOS < 26.4

apple/tvos < 26.4

Apple/watchOS < 26.4

... and 1 more

Published Mar 25, 2026

Tracked Since Mar 25, 2026