CVE-2026-28985_CVE-2026-28985

6.2 / 10

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Description

A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5. An attacker on the local network may be able to cause a denial-of-service.

Basic Information

ID CVE-2026-28985

Source apple

Published May 11, 2026 at 20:08

Modified May 12, 2026 at 17:26

Affected Product

Vendor Apple

Product iOS and iPadOS

Affected Versions Apple iOS and iPadOS 0
Apple macOS 0
Apple tvOS 0

CWE Classification

CWE-476

References

{
    "lastseen": "",
    "description": "A null pointer dereference was addressed with improved input validation. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5. An attacker on the local network may be able to cause a denial-of-service.",
    "published": "2026-05-11T20:08:34.311Z",
    "modified": "2026-05-12T17:26:29.556Z",
    "type": "cve",
    "title": "CVE-2026-28985",
    "source": "apple",
    "references": "https://support.apple.com/en-us/127110\nhttps://support.apple.com/en-us/127115\nhttps://support.apple.com/en-us/127118",
    "id": "CVE-2026-28985",
    "bulletinFamily": "",
    "cwe": [
        "CWE-476"
    ],
    "cvelist": null,
    "sourceData": "Apple iOS and iPadOS 0\nApple macOS 0\nApple tvOS 0",
    "sourceHref": "",
    "cvss": {
        "score": 6.2,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "iOS and iPadOS",
    "version": "0",
    "vendor": "Apple",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}