Security News

Cybersecurity news aggregator

🍎
CRITICAL Updates Web Discovery

CVE-2026-20700

applemacosiosipadtvos
CVE-2026-20700 is a high-severity memory corruption vulnerability
Read Full Article →

CVE-2026-20700 high Description A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 and CVE-2025-43529 were also issued in response to this report. References https://www.securityweek.com/cisa-warns-of-exploited-solarwinds-notepad-microsoft-vulnerabilities/ https://thehackernews.com/2026/02/researchers-observe-in-wild.html https://securityaffairs.com/187937/security/u-s-cisa-adds-solarwinds-web-help-desk-notepad-microsoft-configuration-manager-and-apple-devices-flaws-to-its-known-exploited-vulnerabilities-catalog.html https://www.theregister.com/2026/02/12/apple_ios_263/ https://www.securityweek.com/apple-patches-ios-zero-day-exploited-in-extremely-sophisticated-attack/ https://www.malwarebytes.com/blog/news/2026/02/apple-patches-zero-day-flaw-that-could-let-attackers-take-control-of-devices https://www.helpnetsecurity.com/2026/02/12/apple-zero-day-fixed-cve-2026-20700/ https://www.cisa.gov/news-events/alerts/2026/02/12/cisa-adds-four-known-exploited-vulnerabilities-catalog https://thehackernews.com/2026/02/apple-fixes-exploited-zero-day.html https://securityaffairs.com/187890/security/apple-fixed-first-actively-exploited-zero-day-in-2026.html https://cyberscoop.com/apple-zero-day-vulnerability-cve-2026-20700/ https://www.bleepingcomputer.com/news/security/apple-fixes-zero-day-flaw-used-in-extremely-sophisticated-attacks/ https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20700 https://support.apple.com/en-us/126353 https://support.apple.com/en-us/126352 https://support.apple.com/en-us/126351 https://support.apple.com/en-us/126348 https://support.apple.com/en-us/126346 Details Source: Mitre , NVD Published : 2026-02-11 Updated : 2026-02-13 Known Exploited Vulnerability (KEV) Risk Information CVSS v2 Base Score : 6.8 Vector : CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C Severity : Medium CVSS v3 Base Score : 7.8 Vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Severity : High EPSS EPSS : 0.00008

Related Articles

HIGH Apple fixes zero-day flaw used in 'extremely sophisticated' attacks BleepingComputer CRITICAL Apple fixed first actively exploited zero-day in 2026 Web Discovery CRITICAL CVE-2026-20700: Apple Patches Zero-Day Exploited in Sophisticated Cyber Attacks | SOC Prime Web Discovery CRITICAL Apple Patches Everything: February 2026 - SANS ISC Web Discovery
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn