How many vulnerabilities does iOS 26.1 patch?

iOS 26.1 and iPadOS 26.1 patch approximately 56 vulnerabilities affecting various system components including WebKit, kernel, privacy protections, and multiple other system services. These vulnerabilities range from critical remote code execution flaws to privacy leaks and sandbox escapes.

What are the most critical vulnerabilities patched in iOS 26.1?

The most critical vulnerabilities include CVE-2025-43432 (CVSS score 9.8), a use-after-free issue in WebKit that could lead to unexpected process crashes, and CVE-2025-43429 (CVSS score 9.8), which affects array allocation sinking and could cause unexpected process crashes when processing maliciously crafted web content. Additional critical flaws include CVE-2025-43433 and CVE-2025-43431 (CVSS 8.8), WebKit memory corruption vulnerabilities, and CVE-2025-43398 (CVSS 8.8), a kernel memory handling vulnerability.

What WebKit vulnerabilities were fixed in iOS 26.1?

iOS 26.1 fixes multiple WebKit vulnerabilities including CVE-2025-43432 (CVSS 9.8), a use-after-free issue; CVE-2025-43429 (CVSS 9.8), array allocation sinking issues; CVE-2025-43433 and CVE-2025-43431 (CVSS 8.8), memory corruption vulnerabilities; CVE-2025-43438, CVE-2025-43457, and CVE-2025-43434 (CVSS 8.1), remote code execution vulnerabilities; and CVE-2025-43421 (CVSS 6.5), a process crash vulnerability. These flaws could be exploited through maliciously crafted web content.

What is CVE-2025-43398?

CVE-2025-43398 is a kernel memory handling vulnerability with a CVSS score of 8.8. This flaw could allow a malicious app to cause unexpected system termination through kernel memory manipulation, potentially leading to crashes or system instability on affected iOS and iPadOS devices.

What sandbox escape vulnerabilities were patched in iOS 26.1?

iOS 26.1 patches two significant sandbox escape vulnerabilities: CVE-2025-43407 (CVSS 8.2) affecting Assets, which allowed apps to break out of sandbox restrictions to access system-level data, and CVE-2025-43448 (CVSS 8.2) affecting CloudKit, which was addressed through improved validation of symbolic links. These vulnerabilities could have allowed malicious apps to bypass security restrictions.

What privacy vulnerabilities were fixed in iOS 26.1?

iOS 26.1 addresses multiple privacy vulnerabilities including CVE-2025-43455, which allowed malicious apps to take screenshots of sensitive Apple Account data; CVE-2025-43350 in Control Center allowing viewing of restricted content from locked screens; CVE-2025-43460 in Status Bar enabling viewing of sensitive information from locked devices; and privacy issues in Photos, Contacts, Find My, Notes, On-device Intelligence, and Sandbox Profiles that could leak sensitive information or enable user fingerprinting and tracking. Additional privacy flaws affected Text Input, Mail Drafts, Camera, and various system services.

Was the Stolen Device Protection feature vulnerable in iOS?

Yes, the Stolen Device Protection feature contained a bypass vulnerability tracked as CVE-2025-43422. This feature is designed to prevent unauthorized device modifications when stolen, but the vulnerability could be exploited by attackers with physical access to the device. Apple has patched this bypass in iOS 26.1.

What remote code execution vulnerabilities were fixed in iOS 26.1?

iOS 26.1 fixes multiple remote code execution vulnerabilities in WebKit, specifically CVE-2025-43438, CVE-2025-43457, and CVE-2025-43434, all with a CVSS score of 8.1. These are use-after-free vulnerabilities that could allow attackers to trigger Safari crashes through malicious websites and potentially execute arbitrary code.

What Apple Neural Engine vulnerabilities were patched?

iOS 26.1 patches CVE-2025-43447 and CVE-2025-43462, both with a CVSS score of 7.5, affecting the Apple Neural Engine. These vulnerabilities could allow malicious apps to cause unexpected system termination or corrupt kernel memory, potentially leading to crashes or system instability.

What privacy issues were fixed in Apple's Text Input and Mail features?

Apple's Text Input component (CVE-2025-43452) had a vulnerability that could display sensitive information in keyboard suggestions even on locked screens. The Mail Drafts feature (CVE-2025-43496) could load remote content despite privacy settings being disabled, potentially exposing user activity to third parties.

What Multi-Touch vulnerability was discovered by Google?

Multi-Touch processing (CVE-2025-43424) was found to be vulnerable to malicious Human Interface Device (HID) attacks. This vulnerability was discovered by Google Threat Analysis Group and could allow attackers to exploit touch input handling on iOS and iPadOS devices.

How many vulnerabilities were patched in macOS 26.1?

Apple patched 105 vulnerabilities in macOS 26.1, which was released simultaneously with iOS 26.1 on November 3, 2025. This was the highest number of vulnerabilities addressed across all Apple products in this security update cycle.

What Camera privacy vulnerability was fixed in iOS 26.1?

The Camera component vulnerability (CVE-2025-43450) could leak information about the current camera view before permission was granted to an app. This could have allowed malicious apps to obtain information about what the camera was seeing even before the user approved camera access.

What permission issues were fixed in iOS system services?

iOS 26.1 fixed permission and privacy issues in various system services including Accessibility (CVE-2025-43442), CoreServices (CVE-2025-43436), Installer (CVE-2025-43444), and Apple TV Remote (CVE-2025-43449). These vulnerabilities allowed apps to enumerate installed applications, track users, or fingerprint devices without proper authorization.

Advisory

Apple releases security update iOS 26.1 and iPadOS 26.1 patching over 50 vulnerabilities, at least two critical

Q: What security updates did Apple release on November 3, 2025?

Apple released security updates with version iOS 26.1 and iPadOS 26.1 on November 3, 2025, patching approximately 56 vulnerabilities affecting core system components, privacy protections, and the WebKit browser engine. The updates address critical security flaws including use-after-free issues, memory corruption vulnerabilities, and sandbox escape vulnerabilities.

Q: Which Apple devices are affected by these vulnerabilities?

The security updates cover devices from iPhone 11 and all subsequent models, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later.

published: Nov. 4, 2025

Take action: Time for the monthly update your iPhones and iPads. Versions iOS 26.1/iPadOS 26.1 fix an impressive number of flaws with some critical. Fortunately, they are not reported as exploited, so you have some time. But it's still wise to click update, read a book for an hour instead of waiting for the next urgent advisory for active exploitation.

Learn More

Apple has released a security updates with version iOS 26.1 and iPadOS 26.1 on November 3, 2025, patching approximately 56 vulnerabilities affecting core system components, privacy protections, and the WebKit browser engine.

Vulnerabilities summary:

CVE-2025-43432 (CVSS score 9.8) - A use-after-free issue in WebKit that could lead to unexpected process crashes.
CVE-2025-43429 (CVSS score 9.8) - Multiple issues affecting array allocation sinking that could cause unexpected process crashes when processing maliciously crafted web content.
CVE-2025-43433 and CVE-2025-43431 (CVSS score 8.8) - WebKit Memory Corruption Vulnerabilities that could be exploited through crafted web content.
CVE-2025-43398 (CVSS score 8.8) - Kernel Memory Handling Vulnerability. An app could cause unexpected system termination through kernel memory manipulation.
CVE-2025-43407 (CVSS score 8.2) - Assets Sandbox Escape Apps could break out of sandbox restrictions to access system-level data.
CVE-2025-43448 (CVSS score 8.2) - CloudKit Sandbox Escape. Sandbox escape vulnerability affecting CloudKit, addressed through improved validation of symbolic links.
CVE-2025-43438, CVE-2025-43457, and CVE-2025-43434 (CVSS score 8.1) - WebKit Remote Code Execution Vulnerabilities. Use-after-free vulnerabilities that could allow attackers to trigger Safari crashes through malicious websites.
CVE-2025-43447 and CVE-2025-43462 (CVSS score 7.5) - Apple Neural Engine Vulnerabilities allowing malicious apps to cause unexpected system termination or corrupt kernel memory
CVE-2025-43421 (CVSS score 6.5) - WebKit Process Crash Vulnerability. Processing maliciously crafted web content could lead to unexpected process crashes due to issues with array allocation handling.
CVE-2025-43455 (CVSS score 5.5) - Apple Account Privacy Vulnerability. A malicious app could take screenshots of sensitive information in embedded views, such as Apple Account data.
CVE-2025-43379 (CVSS score 5.5) - AppleMobileFileIntegrity Vulnerability. Apps could access protected user data through improper symlink validation.

Apple also addressed multiple privacy-related vulnerabilities across various system components.

The Control Center vulnerability (CVE-2025-43350) could have allowed attackers to view restricted content from locked screens.
The Status Bar flaw (CVE-2025-43460) enabled viewing sensitive user information from physically accessed locked devices.
Multiple components including Photos (CVE-2025-43391), Contacts (CVE-2025-43426), Find My (CVE-2025-43507), Notes (CVE-2025-43389), On-device Intelligence (CVE-2025-43439), and Sandbox Profiles (CVE-2025-43500) contained privacy issues that could leak sensitive information or enable user fingerprinting and tracking.
Apple's Text Input component (CVE-2025-43452) could display sensitive information in keyboard suggestions even on locked screens
Mail Drafts feature (CVE-2025-43496) could load remote content despite privacy settings being disabled.
The Stolen Device Protection feature (CVE-2025-43422), designed to prevent unauthorized device modifications when stolen, contained a bypass that attackers with physical access could exploit.
Multi-Touch processing (CVE-2025-43424) was vulnerable to malicious Human Interface Device (HID) attacks discovered by Google Threat Analysis Group.
The Camera component (CVE-2025-43450) could leak information about the current camera view before permission was granted. Various other system services including Accessibility (CVE-2025-43442)
CoreServices (CVE-2025-43436), Installer (CVE-2025-43444), and Apple TV Remote (CVE-2025-43449) contained permission and privacy issues that allowed apps to enumerate installed applications, track users, or fingerprint devices.

The security updates covers devices from iPhone 11 and all subsequent models, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later.

Apple strongly recommends that all users install iOS 26.1 and iPadOS 26.1 immediately. Users can update their devices by navigating to Settings, selecting General, then Software Update. The update can be installed over-the-air directly on the device, though users should ensure adequate battery charge or connect to power during installation.

Apple simultaneously released security updates across its entire product ecosystem, including macOS 26.1 (105 vulnerabilities addressed), Safari 26.1 (21 vulnerabilities), visionOS 26.1 (43 vulnerabilities), watchOS 26.1 (32 vulnerabilities), and Xcode 26.1 (2 vulnerabilities).

Apple releases security update iOS 26.1 and iPadOS 26.1 patching over 50 vulnerabilities, at least two critical

Read More
Trust Wallet browser extension breached, $7 Million stolen …
7-Zip vulnerability that enables remote code execution actively …
Critical VMware vulnerabilities enable Virtual Machine escape, host …
Mozilla Firefox patches critical security vulnerabilities with exploit …
Windows AFD for WinSock vulnerability exploited by North …