HIGHCVE-2026-20639Published Modified CNA apple
CVE-2026-20639: An integer overflow was addressed with improved input validation
An integer overflow was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3. Processing a maliciously crafted string may lead to heap corruption.
Metrics
- CVSS v3.1
- 7.5
- Severity
- HIGH
- Fixed in
- 14.8.5
- Affected Products
- 1
Fix available
14.8.515.7.526.3
Affected packages
- Apple / macOS< 14.8.5 (from 0) · < 15.7.5 (from 0) · < 26.3 (from 0)
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H