Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability in IOSurfaceAccelerator Allowing Arbitrary Code Execution with Kernel Privileges

Vulnerability

A vulnerability allowing an out-of-bounds write has been identified in the IOSurfaceAccelerator component of Apple iOS, iPadOS, and macOS. This issue could enable an application to execute arbitrary code with kernel privileges. The vulnerability arises from insufficient input validation. Apple has acknowledged reports of active exploitation of this vulnerability.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of code with elevated privileges, potentially allowing for significant system compromise.

Remediation

Users can update to the fixed releases: macOS Monterey 12.6.5, macOS Big Sur 11.7.6, iOS 16.4.1 and iPadOS 16.4.1, or iOS 15.7.5 and iPadOS 15.7.5. Instructions for updating can be found on the Apple Support website.

Added: May 15, 2026, 11:02 AM
Updated: May 15, 2026, 11:02 AM

Vulnerability Rating

Custom Algorithm

spread: 8.4
impact: 7.5
exploitability: 4.4
remediation: 7.7
relevance: 0.0
threat: 8.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.