Apple Patches First Actively Exploited Zero-Day of 2026 in iOS, macOS, and More

atadmin
By
atadmin
1 Min Read

Apple revealed its first actively exploited zero-day vulnerability of 2026, tracked as CVE-2026-20700 (CVSS 7.8), a memory corruption issue in dyld — Apple’s Dynamic Link Editor — that could allow attackers to execute arbitrary code.

“Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26,” the company said. Google Threat Analysis Group discovered and reported the bug.

Two additional CVEs were also issued in response to the same report: CVE-2025-14174 and CVE-2025-43529 (patched in December 2025), indicating the attacks used a chain of exploits targeting multiple vulnerabilities. The updates shipped across iOS, iPadOS, macOS Tahoe, tvOS, watchOS, and visionOS.

Source: The Hacker News →

Share This Article
Leave a Comment

Leave a Reply

Your email address will not be published. Required fields are marked *