← back
CVE-2026-28992

CVE-2026-28992

CVSS 4.7 MEDIUMEPSS 0.1%CWE-362
Vexday Risk Score
33Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
CVSS 4.7EPSS 0.1%KEV nãoPoC públicaNuclei Metasploit Patch
Lifecycle
14 Feb 2026Public PoC
11 May 2026Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An attacker may be able to cause unexpected app termination.
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →