February 12, 2026 · Applied Cybernetics Group
CVE-2026-20700 — Apple Multiple Products
Apple Multiple Buffer Overflow Vulnerability
- Added to KEV
2026-02-12- Federal due date
2026-03-05- Vendor
- Apple
- Product
- Multiple Products
- EPSS
- 64.2th percentile (score 0.005, as of
2026-06-08) - NVD CVSS v3.1
- —
- Ransomware use
- Unknown
- Upstream
- https://nvd.nist.gov/vuln/detail/CVE-2026-20700
CISA short description
Apple iOS, macOS, tvOS, watchOS, and visionOS contain an improper restriction of operations within the bounds of a memory buffer vulnerability that could allow an attacker with memory write the capability to execute arbitrary code.
Required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.