About the security content of iOS 18.7.9 and iPadOS 18.7.9

This document describes the security content of iOS 18.7.9 and iPadOS 18.7.9.

About Apple security updates

For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security releases page.

Apple security documents reference vulnerabilities by CVE-ID when possible.

For more information about security, see the Apple Product Security page.

iOS 18.7.9 and iPadOS 18.7.9

Accounts

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: An app may be able to access sensitive user data

Description: An authorization issue was addressed with improved state management.

CVE-2026-28877: Rosyna Keller of Totally Not Malicious Software

APFS

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: An app may be able to cause unexpected system termination

Description: A buffer overflow was addressed with improved bounds checking.

CVE-2026-28959: Dave G.

App Intents

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: A malicious app may be able to break out of its sandbox

Description: A logic issue was addressed with improved restrictions.

CVE-2026-28995: Vamshi Paili, Tony Gorez (@tonygo_) for Reverse Society

Audio

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: Processing an audio stream in a maliciously crafted media file may terminate the process

Description: The issue was addressed with improved memory handling.

CVE-2026-39869: David Ige of Beryllium Security

Calendar

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: A remote attacker may be able to cause a denial-of-service

Description: A resource exhaustion issue was addressed with improved input validation.

CVE-2026-28872: Alvin Aries Tapia

Calling Framework

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: A remote attacker may be able to cause a denial-of-service

Description: A denial-of-service issue was addressed with improved input validation.

CVE-2026-28894: an anonymous researcher

CoreServices

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: Processing a maliciously crafted file may lead to unexpected app termination

Description: The issue was addressed with improved checks.

CVE-2026-28936: Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs

FileProvider

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: An app may be able to access sensitive user data

Description: A race condition was addressed with additional validation.

CVE-2026-43659: Alex Radocea

GeoServices

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: An app may be able to access sensitive user data

Description: An information leakage was addressed with additional validation.

CVE-2026-28870: XiguaSec

ImageIO

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: Processing a maliciously crafted file may lead to unexpected app termination

Description: The issue was addressed with improved bounds checks.

CVE-2026-28977: Suresh Sundaram

IOHIDFamily

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: An attacker may be able to cause unexpected app termination

Description: A memory corruption vulnerability was addressed with improved locking.

CVE-2026-28992: Johnny Franks (@zeroxjf)

IOHIDFamily

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: An app may be able to determine kernel memory layout

Description: A logging issue was addressed with improved data redaction.

CVE-2026-28943: Google Threat Analysis Group

IOKit

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: An app may be able to cause unexpected system termination

Description: A use after free issue was addressed with improved memory management.

CVE-2026-28969: Mihalis Haatainen, Ari Hawking, Ashish Kunwar

Kernel

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: An app may be able to disclose kernel memory

Description: The issue was addressed with improved memory handling.

CVE-2026-43654: Vaagn Vardanian, Nathaniel Oh (@calysteon)

Kernel

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: A maliciously crafted disk image may bypass Gatekeeper checks

Description: A file quarantine bypass was addressed with additional checks.

CVE-2026-28954: Yiğit Can YILMAZ (@yilmazcanyigit)

Kernel

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: A local user may be able to cause unexpected system termination or read kernel memory

Description: A buffer overflow was addressed with improved input validation.

CVE-2026-28897: Robert Tran, popku1337, Billy Jheng Bing Jhong and Pan Zhenpeng (@Peterpan0927) of STAR Labs SG Pte. Ltd., Aswin kumar Gokulakannan

Kernel

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: An app may be able to cause unexpected system termination

Description: An integer overflow was addressed with improved input validation.

CVE-2026-28952: Calif.io in collaboration with Claude and Anthropic Research

Kernel

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: An app may be able to gain root privileges

Description: An authorization issue was addressed with improved state management.

CVE-2026-28951: Csaba Fitzl (@theevilbit) of Iru

Kernel

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: An app may be able to cause unexpected system termination or write kernel memory

Description: An out-of-bounds write issue was addressed with improved input validation.

CVE-2026-28972: Billy Jheng Bing Jhong and Pan Zhenpeng (@Peterpan0927) of STAR Labs SG Pte. Ltd., Ryan Hileman via Xint Code (xint.io)

Kernel

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: An app may be able to cause unexpected system termination

Description: A race condition was addressed with additional validation.

CVE-2026-28986: Tristan Madani (@TristanInSec) from Talence Security, Ryan Hileman via Xint Code (xint.io), Chris Betz

Kernel

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: An app may be able to leak sensitive kernel state

Description: A logging issue was addressed with improved data redaction.

CVE-2026-28987: Dhiyanesh Selvaraj (@redroot97)

LaunchServices

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: A remote attacker may be able to cause a denial of service

Description: A type confusion issue was addressed with improved checks.

CVE-2026-28983: Ruslan Dautov

libxpc

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: An app may be able to enumerate a user's installed apps

Description: This issue was addressed with improved checks.

CVE-2026-28882: Ilya Andr (andrd3v), Ilias Morad (A2nkF) of Voynich Group, Duy Trần (@khanhduytran0), @hugeBlack

Mail Drafts

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: Replying to an email could display remote images in Mail in Lockdown Mode

Description: A logic issue was addressed with improved checks.

CVE-2026-28929: Yiğit Can YILMAZ (@yilmazcanyigit)

mDNSResponder

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: An attacker on the local network may be able to cause a denial-of-service

Description: The issue was addressed with improved memory handling.

CVE-2026-43653: Atul R V

mDNSResponder

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory

Description: A use after free issue was addressed with improved memory management.

CVE-2026-43668: Ricardo Prado, Anton Pakhunov

mDNSResponder

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: An attacker on the local network may be able to cause a denial-of-service

Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2026-43666: Ian van der Wurff (ian.nl)

Model I/O

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: Processing a maliciously crafted image may corrupt process memory

Description: The issue was addressed with improved memory handling.

CVE-2026-28940: Michael DePlante (@izobashi) of TrendAI Zero Day Initiative

Model I/O

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents

Description: The issue was addressed with improved checks.

CVE-2026-28941: Michael DePlante (@izobashi) of TrendAI Zero Day Initiative

Networking

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: An attacker may be able to track users through their IP address

Description: This issue was addressed through improved state management.

CVE-2026-28906: Ilya Sc. Jowell A.

Privacy

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: An app may be able to circumvent App Privacy Report logging

Description: This issue was addressed with additional entitlement checks.

CVE-2026-28873: Guy Dor

Quick Look

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: Parsing a maliciously crafted file may lead to an unexpected app termination

Description: An out-of-bounds write issue was addressed with improved input validation.

CVE-2026-43656: Peter Malone

SceneKit

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: A remote attacker may be able to cause unexpected app termination

Description: A buffer overflow was addressed with improved bounds checking.

CVE-2026-28846: Peter Malone

Shortcuts

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: An app may be able to access user-sensitive data

Description: This issue was addressed by adding an additional prompt for user consent.

CVE-2026-28993: Doron Assness

Siri

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: An app may be able to elevate privileges

Description: A logic issue was addressed with improved checks.

Status Bar

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: An app may be able to capture a user's screen

Description: An issue with app access to camera metadata was addressed with improved logic.

CVE-2026-28957: Adriatik Raci

WebKit

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced

Description: The issue was addressed with improved input validation.

CVE-2026-28907: Cantina

WebKit

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced

Description: A validation issue was addressed with improved logic.

CVE-2026-43660: Cantina

WebKit

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: Processing maliciously crafted web content may lead to an unexpected process crash

Description: The issue was addressed with improved memory handling.

CVE-2026-28847: DARKNAVY (@DarkNavyOrg), Daniel Rhea, Anonymous working with TrendAI Zero Day Initiative

CVE-2026-28904: Luka Rački

CVE-2026-28903: Mateusz Krzywicki (iVerify.io)

CVE-2026-28955: wac and Kookhwan Lee working with TrendAI Zero Day Initiative

CVE-2026-28953: Maher Azzouzi

WebKit

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: Processing maliciously crafted web content may disclose sensitive user information

Description: This issue was addressed with improved access restrictions.

CVE-2026-28962: Vitaly Simonovich, Vaagn Vardanian, Luke Francis, kwak kiyong / kakaogames, greenbynox, Adel Bouachraoui

WebKit

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: Processing maliciously crafted web content may lead to an unexpected process crash

Description: The issue was addressed with improved input validation.

CVE-2026-28917: Vitaly Simonovich

Wi-Fi

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2026-28819: Wang Yu

Wi-Fi

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: An attacker in a privileged network position may be able to perform denial-of-service attack using crafted Wi-Fi packets

Description: A use after free issue was addressed with improved memory management.

CVE-2026-28994: Alex Radocea

zlib

Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation

Impact: Visiting a maliciously crafted website may leak sensitive data

Description: An information leakage was addressed with additional validation.

CVE-2026-28920: Brendon Tiszka of Google Project Zero

Additional recognition

Kernel

We would like to acknowledge Ryan Hileman via Xint Code (xint.io) for their assistance.

Location

We would like to acknowledge Kun Peeks (@SwayZGl1tZyyy) for their assistance.

Managed Configuration

We would like to acknowledge kado for their assistance.

Messages

We would like to acknowledge Bishal Kafle for their assistance.

Multi-Touch

We would like to acknowledge Asaf Cohen for their assistance.