Apple Out-of-Bounds Access Vulnerability in CoreMedia Component Allowing Process Termination

Vulnerability

A vulnerability allowing out-of-bounds access has been identified in the CoreMedia component of various Apple operating systems, including iOS, iPadOS, macOS, tvOS, visionOS, and watchOS. This vulnerability arises from insufficient bounds checking, which can be exploited by processing a maliciously crafted audio stream, leading to an unexpected process crash.

Impact

Exploitation of this vulnerability causes a use-after-free condition, which can lead to memory corruption and allow for arbitrary code execution.

Remediation

Users can update to iOS 18.7.7, iPadOS 18.7.7, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, or watchOS 26.4 to address this vulnerability.

Added: Mar 25, 2026, 3:04 AM
Updated: Mar 25, 2026, 3:04 AM

Vulnerability Rating

Custom Algorithm

spread: 8.4
impact: 0.6
exploitability: 4.2
remediation: 7.7
relevance: 4.7
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.