Apple released Updates on May 11, 2026 for current versions of their Operating System software, as well as for a number of older versions of macOS and iOS/iPadOS. The updates include more than 50 fixes for security issues including Kernel, WebKit, and Network vulnerabilities. Some new features have also been added. As an example, Apple […]

For the fourth time this month Apple updates were released on March 24, 2026. These security updates address multiple CVEs related to, among other things, WebKit, Kernel and 802.1X networking, as well as bug fixes and new features. Also included are updates for older versions of watchOS that provide enhancements and have no published CVE […]

On December 12, 2025, Apple released Operating System updates for most of its current devices. The patches included numerous Security fixes. The size of the Updates has been included as observed on my devices and well as which iOS/iPadOS version was offered. Strangely enough, Apple seems to be pushing iOS 26.2 to capable iPhones (even […]

Apple disclosed an exceptionally high number of vulnerabilities in core services and components used across its most popular devices, as the tech giant addressed 105 vulnerabilities in MacOS 26.1 and 56 vulnerabilities with the release of iOS 26.1 and iPadOS 26.1. 

The company’s latest security update includes some flaws that affect software spanning iPhones, Macs and iPads. Apple did not report active exploitation of any vulnerabilities it patched Monday. 

Apple’s vulnerability disclosure strategy remains a challenge and point of contention for outside threat researchers who are trying to gauge which vulnerabilities to prioritize for further review. The company doesn’t follow the Common Vulnerability Scoring System and provides minimal details about the potential impact and description of each vulnerability.

“As always, I get frustrated when reading Apple updates as they don’t provide any severity rating,” Dustin Childs, head of threat awareness at Trend Micro’s Zero Day Initiative, told CyberScoop. “I understand not wanting to use CVSS, but if they would at least call out the critical and high-severity bugs, it would be greatly appreciated.”

Apple customers have experienced a respite from zero-day vulnerabilities, following a steady pace of emergency software updates earlier this year. The company has addressed five actively exploited zero-days this year, including defects previously disclosed in January, February, March, April and August. 

The Cybersecurity and Infrastructure Security Agency has added eight Apple defects to its known exploited vulnerabilities catalog this year. 

Childs said he was particularly surprised by the size of Apple’s security release and the number of fixes for WebKit, the open-source web browser engine used across the vendor’s products. 

Seven of the WebKit defects described the potential of an unexpected process crash from the processing of maliciously crafted web content. 

“I was also disappointed to read some of the descriptions of CVEs played down or didn’t specifically call out the chance for arbitrary code execution,” Childs said. 

Apple also patched 21 defects with the release of Safari 26.1, 43 vulnerabilities in visionOS 26.1, 32 bugs in watchOS 26.1 and two defects in Xcode 26.1.

More information about the vulnerabilities and latest software versions are available on Apple’s security release site.

The post Apple addresses more than 100 vulnerabilities in security updates for iPhones, Macs and iPads appeared first on CyberScoop.