Home / mailings APPLE-SA-06-29-2026-1 iOS 26.5.2 and iPadOS 26.5.2
Posted on 29 June 2026
Apple Security-announceAPPLE-SA-06-29-2026-1 iOS 26.5.2 and iPadOS 26.5.2
iOS 26.5.2 and iPadOS 26.5.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/en-us/127594.
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
IOGPUFamily
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: An app may be able to cause unexpected system termination
Description: A race condition was addressed with improved state
handling.
CVE-2026-43743: Lyutoon, Dun
Kernel
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: An app may be able to cause unexpected system termination or
write kernel memory
Description: The issue was addressed with improved input sanitization.
CVE-2026-43724: Hyunwoo Kim (@v4bel)
Kernel
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: An app may be able to leak sensitive kernel state
Description: The issue was addressed with improved input sanitization.
CVE-2026-43722: Feng Xue and XGPT of ThreatBook, Hyunwoo Kim (@v4bel)
Kernel
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: An app may be able to cause unexpected system termination or
corrupt kernel memory
Description: This issue was addressed with improved input validation.
CVE-2026-39868: Vladislav Shevchenko (Positive Technologies), Ye Zhang
(@VAR10CK) of Baidu Security, Billy Jheng Bing Jhong and Pan Zhenpeng
(@Peterpan0927) of STAR Labs SG Pte. Ltd.
libxslt
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: A double free issue was addressed with improved memory
management.
CVE-2026-43706: Tristan Madani (@TristanInSec) from Talence Security
libxslt
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: The issue was addressed with improved memory handling.
CVE-2026-43703: Tristan Madani (@TristanInSec) from Talence Security
Web Extensions
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: A malicious web extension may be able to cause an unexpected
process crash
Description: A use-after-free issue was addressed with improved memory
management.
WebKit Bugzilla: 314642
CVE-2026-43704: dr3dd
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may disclose
sensitive user information
Description: A cross-origin issue was addressed with improved tracking
of security origins.
WebKit Bugzilla: 315368
CVE-2026-43700: Vitaly Simonovich, Christian Meurer Xavier
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: A malicious website may exfiltrate data cross-origin
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 313357
CVE-2026-43735: Merrick Hare, Drinor Selmanaj (Sentry), Khai Tran, John
Lussier, Rhyru9, Kwak Kiyong, Song Nuri
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: A use-after-free issue was addressed with improved memory
management.
WebKit Bugzilla: 313693
CVE-2026-43734: Jonathan Alush-Aben
WebKit Bugzilla: 313857
CVE-2026-43726: Josef Korbel (Citadelo), Tristan Madani (@TristanInSec)
from Talence Security, Gia Bui (@yabeow) from Calif.io, Narendra Singh
(@_3P1C)
WebKit Bugzilla: 314398
CVE-2026-43709
WebKit Bugzilla: 317227
CVE-2026-43699: Tommy DeVoss from Braze Security Team (@thedawgyg)
WebKit Bugzilla: 315161
CVE-2026-43742: =D0=AE=D0=BB=D0=B8=D1=8F =D0=9C=D0=B5=D1=80=D1=86=D0=B0=D0==BB=D0=BE=D0=B2=D0=B0
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may disclose
sensitive user information
Description: A path handling issue was addressed with improved
validation.
WebKit Bugzilla: 313085
CVE-2026-43732: Nan Wang (@eternalsakura13)
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may lead to memory
corruption
Description: A use-after-free issue was addressed with improved memory
management.
WebKit Bugzilla: 314115
CVE-2026-43731: dr3dd
WebKit Bugzilla: 313577
CVE-2026-43715: Milad Nasr and Nicholas Carlini with Claude, Anthropic
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may lead to an
unexpected Safari crash
Description: A use-after-free issue was addressed with improved memory
management.
WebKit Bugzilla: 313691
CVE-2026-43727: Tommy DeVoss from Braze Security Team (@thedawgyg), Gia
Bui (@yabeow) from Calif.io, Gurpreet Shergill
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: A malicious website may be able to process restricted web
content outside the sandbox
Description: The issue was addressed with improved input validation.
WebKit Bugzilla: 312832
CVE-2026-43725: Luke Francis
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 312781
CVE-2026-43663: Soyeon Park, Amy Burnett, Khai Tran, sherkito, Kota
Toda, HexRabbit (@h3xr4bb1t) and NiNi (@terrynini38514) of DEVCORE
Research Team, Using GLM =46rom Z.AI, Tristan Madani (@TristanInSec) =from
Talence Security, Brian Carpenter
WebKit Bugzilla: 313528
CVE-2026-39872: Utkarsh Pal, Ignacio Sanmillan (@ulexec)
WebKit Bugzilla: 314235
CVE-2026-43712: Kwak Kiyong, Song Nuri, Tristan Madani (@TristanInSec)
from Talence Security
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may lead to an
unexpected Safari crash
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 315047
CVE-2026-43716: Tuan and Duc from Calif.io, OpenAI Codex Security - Amy
Burnett, Evan Lambert
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may lead to an
unexpected Safari crash
Description: An out-of-bounds access issue was addressed with improved
bounds checking.
WebKit Bugzilla: 317231
CVE-2026-43676: Mateusz Krzywicki (iVerify.io), dr3dd, Tommy DeVoss from
Braze Security Team (@thedawgyg)
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may result in the
disclosure of process memory
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 308046
CVE-2026-43740: Nathaniel Oh (@calysteon), Arni Hardarson
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Visiting a website may leak sensitive data
Description: A permissions issue was addressed with additional
restrictions.
WebKit Bugzilla: 314806
CVE-2026-43713: Jody Ritonga
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: A malicious website may exfiltrate data cross-origin
Description: The issue was addressed with improved input validation.
WebKit Bugzilla: 315306
CVE-2026-43708: Behzad Najjarpour Jabbari (@_G4ru_)
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: A memory corruption issue was addressed with improved
memory handling.
WebKit Bugzilla: 315951
CVE-2026-43707: OpenAI Codex Security - Amy Burnett
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may lead to memory
corruption
Description: A type confusion issue was addressed with improved checks.
WebKit Bugzilla: 314528
CVE-2026-43705: dr3dd
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: A malicious website may be able to process restricted web
content outside the sandbox
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 315004
CVE-2026-43701: Aaron Grattafiori - NVIDIA AI Red Team
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may lead to an
unexpected Safari crash
Description: An out-of-bounds write issue was addressed with improved
input validation.
WebKit Bugzilla: 315365
CVE-2026-43745: OpenAI Codex Security - Amy Burnett, Khai Tran
WebKit Canvas
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may lead to an
unexpected Safari crash
Description: A use-after-free issue was addressed with improved memory
management.
WebKit Bugzilla: 313175
CVE-2026-43720: Gia Bui (@yabeow) from Calif.io, Josef Korbel
WebKit Storage
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: A malicious website may be able to silently hijack clipboard
data
Description: This issue was addressed through improved state management.
WebKit Bugzilla: 313478
CVE-2026-43721: Idan Masas
WebRTC
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: An out-of-bounds access issue was addressed with improved
bounds checking.
WebKit Bugzilla: 317324
CVE-2026-28979
WebRTC
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may lead to an
unexpected Safari crash
Description: A stack overflow was addressed with improved input
validation.
WebKit Bugzilla: 313350
CVE-2026-43718: Nan Wang (@eternalsakura13)
WebRTC
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may lead to an
unexpected Safari crash
Description: A use-after-free issue was addressed with improved memory
management.
WebKit Bugzilla: 313351
CVE-2026-43717: Nan Wang (@eternalsakura13)
WebKit Bugzilla: 314090
CVE-2026-43746: dr3dd
Additional recognition
libxslt
We would like to acknowledge Kubilay Berk Alkan for their assistance.
WebKit
We would like to acknowledge Henock Habte, Souta Sugiyama for their
assistance.
WebKit JavaScript Bindings
We would like to acknowledge Karan Kurani for their assistance.
This update is available through iTunes and Software Update on your iOS
device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes from
https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is presented
to the user when the iOS device is docked. We recommend applying the
update immediately if possible. Selecting Don't Install will present the
option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the day
that iTunes or the device checks for updates. You may manually obtain
the update via the Check for Updates button within iTunes, or the
Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 26.5.2 and iPadOS 26.5.2".
All information is also posted on the Apple Security Releases
web site: https://support.apple.com/100100.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
