{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-28875", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2026-03-03T16:36:03.974Z", "datePublished": "2026-03-25T00:32:24.023Z", "dateUpdated": "2026-04-02T18:19:26.961Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "A remote attacker may be able to cause a denial-of-service"}]}], "affected": [{"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"version": "0", "status": "affected", "lessThan": "26.4", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 26.4 and iPadOS 26.4. A remote attacker may be able to cause a denial-of-service."}], "references": [{"url": "https://support.apple.com/en-us/126792"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-04-02T18:19:26.961Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-120", "lang": "en", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-25T14:48:55.223817Z", "id": "CVE-2026-28875", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-25T14:49:48.198Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-28875", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-25T14:48:55.223817Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-25T14:49:35.274Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"status": "affected", "version": "0", "lessThan": "26.4", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/126792"}], "descriptions": [{"lang": "en", "value": "A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 26.4 and iPadOS 26.4. A remote attacker may be able to cause a denial-of-service."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "A remote attacker may be able to cause a denial-of-service"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-03-25T00:32:24.023Z"}}}, "cveMetadata": {"cveId": "CVE-2026-28875", "state": "PUBLISHED", "dateUpdated": "2026-03-25T14:49:48.198Z", "dateReserved": "2026-03-03T16:36:03.974Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2026-03-25T00:32:24.023Z", "assignerShortName": "apple"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "matchCriteriaId": "F813DB63-2B55-4E0B-9073-5465C65F69D6", "versionEndExcluding": "26.4", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "01612D13-BE5B-43F8-B53E-5BF57F2A5B0C", "versionEndExcluding": "26.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 26.4 and iPadOS 26.4. A remote attacker may be able to cause a denial-of-service."}], "id": "CVE-2026-28875", "lastModified": "2026-03-25T18:28:51.183", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-25T01:17:11.307", "references": [{"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/126792"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,26.4)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "iOS and iPadOS", "source": "cna", "vendor": "Apple"}, "product": "ios_and_ipados", "vendor": "apple"}], "analysis": {"en": {"generated_at": "2026-03-25T19:59:31.652187+00:00", "value": {"mitigation_remediation": ["Update the device to iOS\u202f26.4 or iPadOS\u202f26.4 immediately."], "summary": {"action": "Patch Now", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "Apple iOS and iPadOS devices running versions prior to 26.4 are affected. The vulnerability is fixed in iOS 26.4 and iPadOS 26.4. Devices with later or updated firmware are not vulnerable.", "description_and_impact": "A buffer overflow that can be triggered remotely by writing data beyond the intended bounds, leading to unmanaged memory corruption. The flaw can crash the operating system, resulting in a denial\u2011of\u2011service. It is classified as CWE\u2011120, a buffer copy without proper bounds checks. The key consequence is that any affected device would become unusable until reboot or patch, impacting availability.", "risk_and_exploitability": "With a CVSS score of 7.5 the severity is high, while the EPSS score is below 1\u202f% indicating a low probability of exploitation. The vulnerability is not listed in the CISA KEV catalog. Because the flaw is remote and can lead to a critical denial\u2011of\u2011service, any device running the affected OS should be patched as soon as possible. The exploit path requires a remote trigger; specific details are not provided but the attack vector is inferred to be remote based on the description."}}}}, "created": "2026-03-25T11:36:24.387812+00:00", "updated": "2026-03-25T21:16:41.983166+00:00", "vendors": ["apple", "apple$PRODUCT$ios_and_ipados"]}