Home / mailings APPLE-SA-06-29-2026-2 macOS Tahoe 26.5.2
Posted on 29 June 2026
Apple Security-announceAPPLE-SA-06-29-2026-2 macOS Tahoe 26.5.2
macOS Tahoe 26.5.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/en-us/127595.
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
IOGPUFamily
Available for: macOS Tahoe
Impact: An app may be able to cause unexpected system termination
Description: A race condition was addressed with improved state
handling.
CVE-2026-43743: Lyutoon, Dun
Kernel
Available for: macOS Tahoe
Impact: An app may be able to cause unexpected system termination or
write kernel memory
Description: The issue was addressed with improved input sanitization.
CVE-2026-43724: Hyunwoo Kim (@v4bel)
Kernel
Available for: macOS Tahoe
Impact: An app may be able to leak sensitive kernel state
Description: The issue was addressed with improved input sanitization.
CVE-2026-43722: Feng Xue and XGPT of ThreatBook, Hyunwoo Kim (@v4bel)
Kernel
Available for: macOS Tahoe
Impact: An app may be able to cause unexpected system termination or
corrupt kernel memory
Description: This issue was addressed with improved input validation.
CVE-2026-39868: Vladislav Shevchenko (Positive Technologies), Ye Zhang
(@VAR10CK) of Baidu Security, Billy Jheng Bing Jhong and Pan Zhenpeng
(@Peterpan0927) of STAR Labs SG Pte. Ltd.
libxslt
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: A double free issue was addressed with improved memory
management.
CVE-2026-43706: Tristan Madani (@TristanInSec) from Talence Security
libxslt
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: The issue was addressed with improved memory handling.
CVE-2026-43703: Tristan Madani (@TristanInSec) from Talence Security
Web Extensions
Available for: macOS Tahoe
Impact: A malicious web extension may be able to cause an unexpected
process crash
Description: A use-after-free issue was addressed with improved memory
management.
WebKit Bugzilla: 314642
CVE-2026-43704: dr3dd
WebKit
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may disclose
sensitive user information
Description: A cross-origin issue was addressed with improved tracking
of security origins.
WebKit Bugzilla: 315368
CVE-2026-43700: Vitaly Simonovich, Christian Meurer Xavier
WebKit
Available for: macOS Tahoe
Impact: A malicious website may exfiltrate data cross-origin
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 313357
CVE-2026-43735: Merrick Hare, Drinor Selmanaj (Sentry), Khai Tran, John
Lussier, Rhyru9, Kwak Kiyong, Song Nuri
WebKit
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: A use-after-free issue was addressed with improved memory
management.
WebKit Bugzilla: 313693
CVE-2026-43734: Jonathan Alush-Aben
WebKit Bugzilla: 313857
CVE-2026-43726: Josef Korbel (Citadelo), Tristan Madani (@TristanInSec)
from Talence Security, Gia Bui (@yabeow) from Calif.io, Narendra Singh
(@_3P1C)
WebKit Bugzilla: 314398
CVE-2026-43709
WebKit Bugzilla: 317227
CVE-2026-43699: Tommy DeVoss from Braze Security Team (@thedawgyg)
WebKit Bugzilla: 315161
CVE-2026-43742: =D0=AE=D0=BB=D0=B8=D1=8F =D0=9C=D0=B5=D1=80=D1=86=D0=B0=D0==BB=D0=BE=D0=B2=D0=B0
WebKit
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may disclose
sensitive user information
Description: A path handling issue was addressed with improved
validation.
WebKit Bugzilla: 313085
CVE-2026-43732: Nan Wang (@eternalsakura13)
WebKit
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to memory
corruption
Description: A use-after-free issue was addressed with improved memory
management.
WebKit Bugzilla: 314115
CVE-2026-43731: dr3dd
WebKit Bugzilla: 313577
CVE-2026-43715: Milad Nasr and Nicholas Carlini with Claude, Anthropic
WebKit
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an
unexpected Safari crash
Description: A use-after-free issue was addressed with improved memory
management.
WebKit Bugzilla: 313691
CVE-2026-43727: Tommy DeVoss from Braze Security Team (@thedawgyg), Gia
Bui (@yabeow) from Calif.io, Gurpreet Shergill
WebKit
Available for: macOS Tahoe
Impact: A malicious website may be able to process restricted web
content outside the sandbox
Description: The issue was addressed with improved input validation.
WebKit Bugzilla: 312832
CVE-2026-43725: Luke Francis
WebKit
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 312781
CVE-2026-43663: Soyeon Park, Amy Burnett, Khai Tran, sherkito, Kota
Toda, HexRabbit (@h3xr4bb1t) and NiNi (@terrynini38514) of DEVCORE
Research Team, Using GLM =46rom Z.AI, Tristan Madani (@TristanInSec) =from
Talence Security, Brian Carpenter
WebKit Bugzilla: 313528
CVE-2026-39872: Utkarsh Pal, Ignacio Sanmillan (@ulexec)
WebKit Bugzilla: 314235
CVE-2026-43712: Kwak Kiyong, Song Nuri, Tristan Madani (@TristanInSec)
from Talence Security
WebKit
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an
unexpected Safari crash
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 315047
CVE-2026-43716: Tuan and Duc from Calif.io, OpenAI Codex Security - Amy
Burnett, Evan Lambert
WebKit
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an
unexpected Safari crash
Description: An out-of-bounds access issue was addressed with improved
bounds checking.
WebKit Bugzilla: 317231
CVE-2026-43676: Mateusz Krzywicki (iVerify.io), dr3dd, Tommy DeVoss from
Braze Security Team (@thedawgyg)
WebKit
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may result in the
disclosure of process memory
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 308046
CVE-2026-43740: Nathaniel Oh (@calysteon), Arni Hardarson
WebKit
Available for: macOS Tahoe
Impact: Visiting a website may leak sensitive data
Description: A permissions issue was addressed with additional
restrictions.
WebKit Bugzilla: 314806
CVE-2026-43713: Jody Ritonga
WebKit
Available for: macOS Tahoe
Impact: A malicious website may exfiltrate data cross-origin
Description: The issue was addressed with improved input validation.
WebKit Bugzilla: 315306
CVE-2026-43708: Behzad Najjarpour Jabbari (@_G4ru_)
WebKit
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: A memory corruption issue was addressed with improved
memory handling.
WebKit Bugzilla: 315951
CVE-2026-43707: OpenAI Codex Security - Amy Burnett
WebKit
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to memory
corruption
Description: A type confusion issue was addressed with improved checks.
WebKit Bugzilla: 314528
CVE-2026-43705: dr3dd
WebKit
Available for: macOS Tahoe
Impact: A malicious website may be able to process restricted web
content outside the sandbox
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 315004
CVE-2026-43701: Aaron Grattafiori - NVIDIA AI Red Team
WebKit
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an
unexpected Safari crash
Description: An out-of-bounds write issue was addressed with improved
input validation.
WebKit Bugzilla: 315365
CVE-2026-43745: OpenAI Codex Security - Amy Burnett, Khai Tran
WebKit Canvas
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an
unexpected Safari crash
Description: A use-after-free issue was addressed with improved memory
management.
WebKit Bugzilla: 313175
CVE-2026-43720: Gia Bui (@yabeow) from Calif.io, Josef Korbel
WebKit Storage
Available for: macOS Tahoe
Impact: A malicious website may be able to silently hijack clipboard
data
Description: This issue was addressed through improved state management.
WebKit Bugzilla: 313478
CVE-2026-43721: Idan Masas
WebRTC
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: An out-of-bounds access issue was addressed with improved
bounds checking.
WebKit Bugzilla: 317324
CVE-2026-28979
WebRTC
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an
unexpected Safari crash
Description: A stack overflow was addressed with improved input
validation.
WebKit Bugzilla: 313350
CVE-2026-43718: Nan Wang (@eternalsakura13)
WebRTC
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an
unexpected Safari crash
Description: A use-after-free issue was addressed with improved memory
management.
WebKit Bugzilla: 313351
CVE-2026-43717: Nan Wang (@eternalsakura13)
WebKit Bugzilla: 314090
CVE-2026-43746: dr3dd
Additional recognition
libxslt
We would like to acknowledge Kubilay Berk Alkan for their assistance.
WebKit
We would like to acknowledge Henock Habte, Souta Sugiyama for their
assistance.
WebKit JavaScript Bindings
We would like to acknowledge Karan Kurani for their assistance.
macOS Tahoe 26.5.2 may be obtained from the Mac App Store or Apple's
Software Downloads web site: https://support.apple.com/downloads/
All information is also posted on the Apple Security Releases
web site: https://support.apple.com/100100.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
