Apple has released security updates to address an Apple zero-day vulnerability that was exploited in what the company described as an extremely sophisticated attack targeting specific individuals. The flaw affects multiple Apple operating systems and could allow attackers to execute arbitrary code on vulnerable devices. Users are advised to update their devices to the latest software versions to reduce security risk.
Arbitrary Code Execution Flaw in the Dynamic Link Editor
The Apple zero-day vulnerability, tracked as CVE 2026 20700, exists in dyld, the Dynamic Link Editor used across Apple platforms including iOS, iPadOS, macOS, tvOS, watchOS, and visionOS. Dyld is responsible for loading and linking dynamic libraries required for applications to run. A weakness in this component can have serious security consequences because it operates at a core system level.
According to Apple’s security bulletin, an attacker with memory write capability may be able to execute arbitrary code on affected devices. Arbitrary code execution vulnerabilities are considered critical because they can allow threat actors to run malicious instructions, potentially leading to data theft, surveillance, or further compromise of the system.
Apple stated that it is aware of reports that the Apple zero-day vulnerability CVE 20700 was exploited in the same incidents as two previously disclosed vulnerabilities, CVE 2025 14174 and CVE 2025 43529, which were fixed in December. The company indicated that the attacks targeted specific individuals running versions of iOS prior to iOS 26. No further technical details about the exploitation method have been disclosed.
Apple credited Google Threat Analysis Group with discovering CVE 2026 20700. The discovery highlights continued collaboration between major technology companies in identifying and mitigating advanced cyber threats.
Wide Range Of Devices Receive Security Updates
The Apple zero-day vulnerability affects a set of Apple devices. Impacted hardware includes iPhone 11 and later models, several generations of iPad Pro, iPad Air from the third generation onward, iPad from the eighth generation onward, and iPad mini from the fifth generation onward. Mac systems running macOS Tahoe are also included in the affected list.
Apple has addressed the flaw in the following software releases: iOS 18.7.5, iPadOS 18.7.5, macOS Tahoe 26.3, tvOS 26.3, watchOS 26.3, and visionOS 26.3. Users running earlier versions are encouraged to install these updates promptly to ensure protection.
Although Apple described the attacks as targeted rather than widespread, zero-day vulnerabilities present an elevated risk because they are exploited before a patch becomes publicly available. Once disclosed, technical details can be analyzed by other threat actors, increasing the urgency for users to update their systems.
This marks the first Apple zero-day vulnerability addressed by Apple in 2026. In 2025, the company fixed seven zero-day flaws across its platforms. The continued emergence of such vulnerabilities underscores the importance of timely patch management, system monitoring, and layered security practices for both individual users and organizations.
Users and security teams are advised to review device inventories and confirm that all supported Apple systems are updated to the latest available versions to reduce exposure to known exploits.
Visit more of our news! CyberPro Magazine
