Primary

Context

Apple ImageIO and CoreMedia Memory Handling Vulnerability Allowing Process Memory Disclosure

Vulnerability

Patched

A vulnerability exists in the ImageIO and CoreMedia frameworks of multiple Apple operating systems, including macOS, iOS, iPadOS, watchOS, and tvOS. This vulnerability allows for the disclosure of process memory by processing maliciously crafted images or files. The issue arises from improper memory handling, which could lead to unintended memory access.

Impact

Exploitation of this vulnerability could result in unauthorized access to process memory, potentially allowing for the extraction of sensitive information.

Remediation

Users can update to the latest versions of macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5, iPadOS 18.7.5, watchOS 26.3, tvOS 26.3, and visionOS 26.3 to address this vulnerability.

Added: Feb 12, 2026, 12:04 AM

Updated: Feb 12, 2026, 12:04 AM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

0.6

exploitability

4.2

remediation

7.7

relevance

3.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

0.6

exploitability

4.2

remediation

7.7

relevance

3.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple ImageIO and CoreMedia Memory Handling Vulnerability Allowing Process Memory Disclosure

Vulnerability

Impact

Remediation

Affected Products

Apple watchOS

Apple tvOS

Apple macOS Tahoe

Apple iPadOS

Apple visionOS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating