CVE-2026-20700: Apple Multiple Buffer Overflow Vulnerability

CVE ID

CVE-2026-20700

Vulnerability Name

Apple Multiple Buffer Overflow Vulnerability

• Project: Apple
• Product: Multiple Products

Date

• Date Added: 2026-02-12
• Due Date: 2026-03-05

Description

Apple iOS, macOS, tvOS, watchOS, and visionOS contain an improper restriction of operations within the bounds of a memory buffer vulnerability that could allow an attacker with memory write the capability to execute arbitrary code.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://support.apple.com/en-us/126346 ; https://support.apple.com/en-us/126348 ; https://support.apple.com/en-us/126351 ; https://support.apple.com/en-us/126352 ; https://support.apple.com/en-us/126353 ; https://nvd.nist.gov/vuln/detail/CVE-2026-20700

Related Security News

• New Chrome Zero-Day (CVE-2026-2441) Under Active Attack — Patch Released
• Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability

More CVEs Info

Common Vulnerabilities & Exposures (CVE) List