In an advisory from Apple, the company said it has released updates for iOS, iPadOS, macOS Tahoe, tvOS, watchOS and visionOS to address a zero-day memory corruption flaw in dyld that has been exploited in targeted attacks and could allow arbitrary code execution, and that Google Threat Analysis Group discovered and reported the bug.
KEY FACTS
- Vulnerability Memory corruption in dyld tracked as CVE-2026-20700
- Affected iPhone 11 and later, several iPad models, Macs running macOS Tahoe, Apple TV, Apple Watch and Apple Vision Pro
- Discovery Google Threat Analysis Group named in the advisory
- Fix Updates released as iOS 26.3, iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, watchOS 26.3 and visionOS 26.3
The issue is tracked as the CVE-2026-20700 entry at NVD and is described as a memory corruption defect in dyld, Apple’s Dynamic Link Editor. An attacker with the ability to write to memory could exploit the flaw to execute arbitrary code on vulnerable devices. The advisory did not include a CVSS score for this entry.
Apple issued the updates for the listed current releases and also published patches for older platforms, including iOS 18.7.5, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4 and Safari 26.3 where applicable. The advisory lists device and OS coverage for each release.
The advisory notes that the vulnerability was used in highly targeted, sophisticated attacks against specific individuals on versions before iOS 26. The company previously issued fixes in December 2025 for two related exploited flaws, CVE-2025-14174 and CVE-2025-43529.
Customers are advised to install the updates according to their device guidance. The advisory does not name affected exploit chains or provide technical indicators for detection.
WHY IT MATTERS
The fixes address an actively exploited zero-day that can yield full code execution on targeted devices. Installing the supplied updates reduces the risk of compromise for affected systems.