CVE-2026-20639

An integer overflow was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3. Processing a maliciously crafted string may lead to heap corruption.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://support.apple.com/en-us/126348	Release Notes Vendor Advisory
https://support.apple.com/en-us/126795	Release Notes Vendor Advisory
https://support.apple.com/en-us/126796	Release Notes Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:macos::::::::

History

No history.

Information

Published : 2026-03-25 01:17

Updated : 2026-03-25 21:32

NVD link : CVE-2026-20639

Mitre link : CVE-2026-20639

CVE.ORG link : CVE-2026-20639

JSON object : View

Products Affected

apple

macos

CWE

CWE-190

Integer Overflow or Wraparound

{"id": "CVE-2026-20639", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2026-03-25T01:17:04.443", "references": [{"url": "https://support.apple.com/en-us/126348", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/126795", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/126796", "tags": ["Release Notes", "Vendor Advisory"], "source": "product-security@apple.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "An integer overflow was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3. Processing a maliciously crafted string may lead to heap corruption."}, {"lang": "es", "value": "Se abord\u00f3 un desbordamiento de entero con una validaci\u00f3n de entrada mejorada. Este problema est\u00e1 solucionado en macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.3. El procesamiento de una cadena creada con fines maliciosos puede provocar corrupci\u00f3n de la pila."}], "lastModified": "2026-03-25T21:32:57.330", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D66288AF-23BD-407A-81F5-F1DFBF84C622", "versionEndExcluding": "14.8.5", "versionStartIncluding": "14.0"}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD21D2C9-BBEC-4E8E-B8D2-C92B7E6155E1", "versionEndExcluding": "15.7.5", "versionStartIncluding": "15.0"}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0488A377-7971-4703-8823-05BF1E23CF48", "versionEndExcluding": "26.3", "versionStartIncluding": "26.0"}], "operator": "OR"}]}], "sourceIdentifier": "product-security@apple.com"}