Apple dyld memory corruption flaw actively exploited (CVE-2026-20700)
Vulnerability
Summary
Hide ▲
Show ▼
Apple's CVE-2026-20700 is an actively exploited dyld memory corruption flaw that can enable arbitrary code execution on susceptible Apple devices. The company said the issue may have been used in an extremely sophisticated attack against specific targeted individuals on iOS before iOS 26. Apple released fixes across multiple platforms after Google TAG reported the bug.
Related Happenings
IOS 26.5 beta rolls out default end-to-end encrypted RCS messaging on iPhone and Android
Security Tool/Service
First: 12.05.2026 08:18
Last: 12.05.2026 08:18
Sources 1
About this happening:
Apple's **iOS 26.5** beta adds **default end-to-end encrypted RCS** messaging for **iPhone** and **Android** users, strengthening privacy in cross-platform chats. The rollout cove...
IOS 26.5 beta rolls out default end-to-end encrypted RCS messaging on iPhone and Android
Security Tool/ServiceAbout this happening: Apple's **iOS 26.5** beta adds **default end-to-end encrypted RCS** messaging for **iPhone** and **Android** users, strengthening privacy in cross-platform chats. The rollout cove...
Google overhauls Android and Chrome bug bounty programs
Commercial Activity
First: 05.05.2026 14:24
Last: 05.05.2026 14:24
Sources 1
About this happening:
**Google** overhauls its **Android and Chrome** vulnerability rewards programs, reshaping payout tiers for **exploit research** and raising top rewards to **$1.5 million**. The ch...
Google overhauls Android and Chrome bug bounty programs
Commercial ActivityAbout this happening: **Google** overhauls its **Android and Chrome** vulnerability rewards programs, reshaping payout tiers for **exploit research** and raising top rewards to **$1.5 million**. The ch...
OpenAI rotates macOS code-signing certificates after supply-chain exposure
Security Tool/Service
First: 13.04.2026 20:39
Last: 13.04.2026 20:39
Sources 1
About this happening:
**OpenAI** is **rotating and revoking macOS code-signing certificates**, forcing users of **ChatGPT Desktop**, **Codex**, **Codex CLI**, and **Atlas** to update so trust in signed...
OpenAI rotates macOS code-signing certificates after supply-chain exposure
Security Tool/ServiceAbout this happening: **OpenAI** is **rotating and revoking macOS code-signing certificates**, forcing users of **ChatGPT Desktop**, **Codex**, **Codex CLI**, and **Atlas** to update so trust in signed...
Coruna iOS exploit analysis ties updated Triangulation kernel exploit lineage
Technical Analysis
First: 26.03.2026 15:10
Last: 26.03.2026 15:10
Sources 1
About this happening:
**Coruna** has been linked to an **updated** exploit lineage from **Operation Triangulation**, showing that a long-running iPhone attack framework continues to evolve and can stil...
Coruna iOS exploit analysis ties updated Triangulation kernel exploit lineage
Technical AnalysisAbout this happening: **Coruna** has been linked to an **updated** exploit lineage from **Operation Triangulation**, showing that a long-running iPhone attack framework continues to evolve and can stil...
Apple iOS outdated-device exploit-kit mitigation advisory
Advisory/Mitigation
First: 20.03.2026 07:16
Last: 20.03.2026 07:16
Sources 1
About this happening:
**Apple** is sending **Lock Screen notifications** to **outdated iPhones and iPads** after detecting **active web-based attacks**, urging users to install updates. The latest noti...
Apple iOS outdated-device exploit-kit mitigation advisory
Advisory/MitigationAbout this happening: **Apple** is sending **Lock Screen notifications** to **outdated iPhones and iPads** after detecting **active web-based attacks**, urging users to install updates. The latest noti...
Timeline
-
12.02.2026 07:39 3 articles · 3mo ago
Apple releases fixes for CVE-2026-20700
Mitigation Patch UpdateApple released iOS 26.3, iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, watchOS 26.3, and visionOS 26.3 on 2026-02-12 to address CVE-2026-20700, a memory corruption flaw in dyld that Apple said may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26; Google Threat Analysis Group (TAG) was credited with discovering and reporting the bug, and Apple also issued fixes related to CVE-2025-14174 and CVE-2025-43529.
Show sources
- Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Apple Devices — thehackernews.com — 12.02.2026 07:39
- Apple Patches iOS Zero-Day Exploited in ‘Extremely Sophisticated Attack’ — www.securityweek.com — 12.02.2026 09:48
- Apple Patches iOS Zero-Day Exploited in ‘Extremely Sophisticated Attack’ — www.securityweek.com — 12.02.2026 09:48
-
12.02.2026 07:39 3 articles · 3mo ago
Apple releases fixes for CVE-2026-20700
Mitigation Patch UpdateApple released iOS 26.3, iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, watchOS 26.3, and visionOS 26.3 on 2026-02-12 to address CVE-2026-20700, a memory corruption flaw in dyld that Apple said may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26; Google Threat Analysis Group (TAG) was credited with discovering and reporting the bug, and Apple also issued fixes related to CVE-2025-14174 and CVE-2025-43529.
Show sources
- Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Apple Devices — thehackernews.com — 12.02.2026 07:39
- Apple Patches iOS Zero-Day Exploited in ‘Extremely Sophisticated Attack’ — www.securityweek.com — 12.02.2026 09:48
- Apple Patches iOS Zero-Day Exploited in ‘Extremely Sophisticated Attack’ — www.securityweek.com — 12.02.2026 09:48