CVE-2026-20700

Name of the Vulnerable Software and Affected Versions: Apple products versions prior to iOS 26.3, iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, watchOS 26.3, and visionOS 26.3.

Description: A memory corruption vulnerability exists in the dyld component of Apple products. This flaw, tracked as CVE-2026-20700, allows an attacker with memory write capabilities to execute arbitrary code on a targeted device. The vulnerability has been actively exploited in sophisticated attacks against specific individuals. Google's Threat Analysis Group discovered the issue and confirmed its exploitation. The vulnerability affects a wide range of Apple devices, including iPhones, iPads, Macs, Apple TVs, Apple Watches, and devices running visionOS. Exploitation may involve the use of other vulnerabilities in conjunction with CVE-2026-20700.

Recommendations: Update to iOS 26.3 or later. Update to iPadOS 26.3 or later. Update to macOS Tahoe 26.3 or later. Update to tvOS 26.3 or later. Update to watchOS 26.3 or later. Update to visionOS 26.3 or later.