Primary

Context

Apple iOS and iPadOS Multi-Touch Component Denial-of-Service Vulnerability

Vulnerability

Patched

A denial-of-service vulnerability has been identified in the Multi-Touch component of Apple iOS and iPadOS. This issue, present in iOS 26.0 and iPadOS 26.0, allows a malicious Human Interface Device (HID) to cause an unexpected process crash. The vulnerability arises from inadequate bounds checks, which can be exploited by sending crafted input through a connected HID device.

Impact

Exploitation of this vulnerability leads to an unexpected process crash, causing a denial-of-service condition on the affected device.

Remediation

Users can update to iOS 26.1 or iPadOS 26.1 to address this vulnerability.

Added: Nov 4, 2025, 2:57 AM

Updated: Nov 4, 2025, 2:57 AM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple iOS and iPadOS Multi-Touch Component Denial-of-Service Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Apple iPadOS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating