Apple on Monday announced the release of security updates for iOS and macOS to resolve over 100 vulnerabilities.
iOS 26.1 and iPadOS 26.1 were rolled out with patches for 56 security defects, including 19 issues that affect the WebKit browser engine.
Successful exploitation of the flaws, Apple notes in its advisory, could allow websites to exfiltrate data cross-origin, could lead to unexpected process crashes and memory corruption, and could allow applications to monitor keystrokes.
Many of these bugs were reported by Google’s Big Sleep AI agent. According to the internet giant, Big Sleep can find vulnerabilities that threat actors are getting ready to abuse in the wild, foiling their exploitation efforts.
The fresh iOS and iPadOS updates contain fixes for flaws affecting over two dozen components, which could be abused for sandbox escape, memory corruption, or data leaks.
macOS Tahoe 26.1 was released with patches for 105 security defects, including 45 addressed in iOS 26.1 and iPadOS 26.1 (18 of these were resolved in WebKit).
The flaws could be exploited for kernel memory corruption, system termination, data leaks, sandbox escape, denial-of-service, file tampering, elevation of privilege, and security protection bypasses.
On Monday, Apple also rolled out macOS Sequoia 15.7.2 and macOS Sonoma 14.8.2 with fixes for dozens of vulnerabilities each.
Patches were also released for tvOS, watchOS, visionOS, and Xcode, and Safari 26.1 is bringing fixes for nearly two dozen flaws to macOS Sonoma and macOS Sequoia users.
Apple makes no mention of any of these vulnerabilities being exploited in the wild. Additional information on the updates can be found on the company’s support page.
Related: CISA Warns of Exploited Apple, Kentico, Microsoft Vulnerabilities
Related: Apple Bug Bounty Update: Top Payout $2 Million, $35 Million Paid to Date
Related: Apple Updates iOS and macOS to Prevent Malicious Font Attacks
Related: Apple Rolls Out iOS 26, macOS Tahoe 26 With Patches for Over 50 Vulnerabilities
