- Apple patches zero-day CVE-2026-20700 in Dynamic Hyperlink Editor (dyld)
- Flaw enabled arbitrary code execution, utilized in refined focused assaults
- Fixes launched in iOS, iPadOS, macOS, tvOS, watchOS, and visionOS updates
Apple has mounted its first zero-day vulnerability of 2026, a bug that has apparently been utilized in an “extraordinarily refined assault”.
In a safety advisory, Apple mentioned the Google Menace Evaluation Group (GTAG) found a reminiscence corruption problem within the Dynamic Hyperlink Editor (dyld), a system element that helps apps run, and when an individual opens an app, the element masses the shared libraries it wants and connects all the things collectively.
Dyld works within the background and is crucial for operating apps on Apple gadgets.
Now, Apple says the bug, which permits malicious actors with reminiscence write functionality to execute arbitrary code on weak gadgets, is tracked as CVE-2026-20700, and is given a severity rating of 9.8/10 (crucial), as per Tenable.
“Apple is conscious of a report that this problem could have been exploited in an especially refined assault in opposition to particular focused people on variations of iOS earlier than iOS 26. CVE-2025-14174 and CVE-2025-43529 had been additionally issued in response to this report.”
There are two issues that stand out on this advisory: that the bug was utilized in an especially refined assault in opposition to particular people, and that it was found by GTAG – a bunch that nearly completely tracks state-sponsored risk actors.
This may imply that the targets had been politicians, diplomats, CEOs of crucial infrastructure organizations, or these working in protection, aerospace, or telecommunications sectors. Traditionally, these individuals are the primary ones to be focused with a zero-day on an Apple system.
Right here is the total record of affected gadgets:
iPhone 11 and later
iPad Professional 12.9-inch (third technology and later)
iPad Professional 11-inch (1st technology and later)
iPad Air (third technology and later)
iPad (eighth technology and later)
iPad mini (fifth technology and later)
Mac gadgets operating macOS Tahoe
The bug was mounted in iOS 18.7.5, iPadOS 18.7.5, macOS Tahoe 26.3, tvOS 26.3, watchOS 26.3, and visionOS 26.3, so be sure that to patch as quickly as attainable.
By way of BleepingComputer
One of the best antivirus for all budgets
Observe TechRadar on Google Information and add us as a most popular supply to get our professional information, opinions, and opinion in your feeds. Ensure to click on the Observe button!
And naturally it’s also possible to observe TechRadar on TikTok for information, opinions, unboxings in video kind, and get common updates from us on WhatsApp too.
