{"document":{"category":"csaf_vex","csaf_version":"2.0","title":"CVE-2026-39868: This issue was addressed with improved input validation","publisher":{"category":"vendor","name":"HarborGuard Database","namespace":"https://database.harborguard.co"},"tracking":{"id":"CVE-2026-39868","status":"final","version":"1","initial_release_date":"2026-06-29T19:43:11.341Z","current_release_date":"2026-06-30T13:00:06.334Z","revision_history":[{"date":"2026-06-29T19:43:11.341Z","number":"1","summary":"Initial machine-readable export from HarborGuard."}]},"distribution":{"tlp":{"label":"WHITE"},"text":"Public CVE data; freely redistributable."},"notes":[{"category":"description","text":"This issue was addressed with improved input validation. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. An app may be able to cause unexpected system termination or corrupt kernel memory.","title":"CVE description"}],"references":[{"category":"self","summary":"CVE-2026-39868 on HarborGuard Database","url":"https://database.harborguard.co/cve/CVE-2026-39868"},{"category":"external","summary":"CVE Record","url":"https://www.cve.org/CVERecord?id=CVE-2026-39868"},{"category":"external","summary":"support.apple.com","url":"https://support.apple.com/en-us/127594"},{"category":"external","summary":"support.apple.com","url":"https://support.apple.com/en-us/127595"}]},"product_tree":{"branches":[{"category":"vendor","name":"Apple","branches":[{"category":"product_name","name":"iOS and iPadOS","branches":[{"category":"product_version_range","name":"<26.5.2","product":{"name":"Apple iOS and iPadOS <26.5.2","product_id":"CSAFPID-1","product_identification_helper":{"cpe":"cpe:2.3:a:apple:ios_and_ipados:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Apple","branches":[{"category":"product_name","name":"macOS","branches":[{"category":"product_version_range","name":"<26.5.2","product":{"name":"Apple macOS <26.5.2","product_id":"CSAFPID-2","product_identification_helper":{"cpe":"cpe:2.3:a:apple:macos:*:*:*:*:*:*:*:*"}}}]}]}]},"vulnerabilities":[{"cve":"CVE-2026-39868","title":"This issue was addressed with improved input validation","notes":[{"category":"description","text":"This issue was addressed with improved input validation. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. An app may be able to cause unexpected system termination or corrupt kernel memory.","title":"CVE description"}],"product_status":{"known_affected":["CSAFPID-1","CSAFPID-2"]},"scores":[{"cvss_v3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL"},"products":["CSAFPID-1","CSAFPID-2"]}],"remediations":[{"category":"vendor_fix","details":"Update to a fixed version: 26.5.2.","product_ids":["CSAFPID-1","CSAFPID-2"]}]}]}