Apple CoreMedia Out-of-Bounds Access Vulnerability Allowing Memory Corruption

Vulnerability

A vulnerability in the CoreMedia framework of Apple software products, including iOS, iPadOS, macOS, tvOS, visionOS, and watchOS, allows for out-of-bounds access in media processing. This issue could lead to memory corruption, causing unexpected application termination or disruption of normal processing. The vulnerability arises from insufficient bounds checking when handling certain media files.

Impact

Exploitation of this vulnerability can cause memory corruption, leading to unexpected application termination or disruption of normal processing.

Remediation

Users can update to iOS 18.6, iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, tvOS 18.6, visionOS 2.6, or watchOS 11.6 to address this vulnerability.

Added: Apr 2, 2026, 8:48 PM
Updated: Apr 2, 2026, 8:48 PM

Vulnerability Rating

Custom Algorithm

spread: 8.4
impact: 1.3
exploitability: 4.2
remediation: 7.7
relevance: 5.1
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.