The latest updates, available through iOS 26.5.2, iPadOS 26.5.2, macOS Tahoe 26.5.2 and Safari 26.5.2, address vulnerabilities spanning Apple's operating systems, browser engine, kernel, graphics components and web technologies.
Apple credited OpenAI Codex Security with discovering three vulnerabilities:CVE-2026-43707, a memory corruption flaw capable of causing application crashes while processing malicious web content.
Every browser on iOS is required to use WebKit under Apple's platform rules, making security fixes particularly significant across the broader Apple ecosystem.
Apple has confirmed it is changing the way it delivers security updates, opting to release critical patches earlier than in previous software development cycles.
No Evidence of Active Exploitation—But Speed MattersUnlike several earlier Apple security advisories this year involving zero-day vulnerabilities, Apple said there is currently no evidence that any of the newly patched flaws have been exploited in the wild.
Apple has released a sweeping round of security updates for iPhones, iPads, Macs and Safari, patching more than 30 vulnerabilities—including several flaws identified with the assistance of advanced artificial intelligence systems—as the company accelerates its software release strategy amid growing concerns over AI-powered cyberattacks.
The latest updates, available through iOS 26.5.2, iPadOS 26.5.2, macOS Tahoe 26.5.2 and Safari 26.5.2, address vulnerabilities spanning Apple's operating systems, browser engine, kernel, graphics components and web technologies. While Apple said none of the flaws have been exploited in real-world attacks, the company is urging users to install the updates as soon as possible to reduce the risk of future exploitation.
AI Plays Growing Role in Apple's Security Research
One of the most notable aspects of the release is Apple's acknowledgment that artificial intelligence has become an increasingly important tool in vulnerability discovery.
Four of the patched security flaws affecting WebKit—the browser engine that powers Safari and every web browser on iPhones and iPads—were identified with assistance from OpenAI's Codex Security platform and Anthropic's Claude AI alongside human security researchers.
Apple credited OpenAI Codex Security with discovering three vulnerabilities:
CVE-2026-43707, a memory corruption flaw capable of causing application crashes while processing malicious web content.
CVE-2026-43716, an unspecified vulnerability that could trigger unexpected Safari crashes.
CVE-2026-43745, an out-of-bounds write vulnerability that could also result in browser crashes.
Meanwhile, Anthropic researchers Milad Nasr and Nicholas Carlini, working alongside Claude AI, were credited with identifying CVE-2026-43715, a use-after-free vulnerability that could allow memory corruption when Safari processes specially crafted websites. Apple mitigated the issues through improved memory management, memory handling and stronger input validation mechanisms.
The acknowledgments mark another milestone in the cybersecurity industry's adoption of large language models and AI-assisted code analysis. Rather than replacing human researchers, these systems are increasingly being used to analyze massive codebases, detect memory safety issues, identify insecure coding patterns and accelerate vulnerability research.
WebKit Remains a High-Value Target
Although the AI-assisted vulnerabilities have attracted considerable attention, they represent only a fraction of Apple's latest WebKit fixes.
In total, Apple resolved nearly 30 security issues affecting the browser engine, reinforcing the reality that WebKit remains one of the company's most heavily scrutinized attack surfaces.
Among the additional vulnerabilities addressed are:
CVE-2026-43720, a use-after-free vulnerability affecting WebKit Canvas.
CVE-2026-43725, a flaw that could allow malicious websites to process restricted web content outside the browser sandbox.
Because WebKit is responsible for rendering websites not only in Safari but also within countless iOS applications, vulnerabilities affecting the engine often have security implications well beyond Apple's browser itself. Every browser on iOS is required to use WebKit under Apple's platform rules, making security fixes particularly significant across the broader Apple ecosystem.
Kernel Vulnerabilities Could Have Allowed Privilege Escalation
Apple's latest update also includes patches for several kernel-level vulnerabilities—bugs generally considered among the most serious because they affect the core of the operating system.
The company fixed vulnerabilities that could potentially allow malicious applications to:
Leak sensitive kernel memory layout information (CVE-2026-43722)
Cause unexpected system crashes or write to kernel memory (CVE-2026-43724)
Corrupt kernel memory (CVE-2026-39868)
Security researcher Hyunwoo Kim, known for discovering the Dirty Frag vulnerability, received credit for reporting both CVE-2026-43722 and CVE-2026-43724.
Kernel information leaks are often valuable to attackers because they can weaken modern exploit mitigations such as Kernel Address Space Layout Randomization (KASLR), making it easier to chain multiple vulnerabilities into a successful attack.
Apple Changes Patch Strategy as AI Speeds Up Cyber Threats
Perhaps the most significant announcement accompanying the updates was not a vulnerability itself but a strategic shift in Apple's security response.
Apple has confirmed it is changing the way it delivers security updates, opting to release critical patches earlier than in previous software development cycles.
Historically, many security fixes would remain in beta software until the next major operating system update became publicly available. Apple now says that approach is becoming increasingly risky as artificial intelligence dramatically reduces the amount of time attackers need to reverse engineer patches and develop working exploits.
According to the company, AI has the potential to compress the traditional vulnerability lifecycle from weeks or months into mere hours, prompting Apple to shorten the gap between discovering a vulnerability and delivering fixes to users.
The decision reflects broader concerns across the cybersecurity industry that generative AI is changing both offensive and defensive security operations. While AI enables researchers to uncover software flaws more quickly, it also gives attackers powerful new capabilities for vulnerability analysis, exploit development and malware generation.
No Evidence of Active Exploitation—But Speed Matters
Unlike several earlier Apple security advisories this year involving zero-day vulnerabilities, Apple said there is currently no evidence that any of the newly patched flaws have been exploited in the wild.
Even so, it is recommended installing updates promptly because attackers often begin reverse engineering patches immediately after they become public. Once researchers identify the underlying code changes, it can become significantly easier to develop proof-of-concept exploits targeting users who have not yet updated.
This "patch diffing" process has become increasingly automated through AI-assisted analysis, making delayed updates a growing security risk.
AI Is Reshaping Vulnerability Research
The latest disclosures also illustrate how rapidly AI is becoming integrated into professional security research.
Large language models such as Claude and Codex are now being used to inspect millions of lines of source code, identify unsafe memory operations, suggest exploit paths and assist researchers in validating complex software behavior. Rather than replacing traditional security auditing, AI is increasingly serving as an intelligent assistant capable of dramatically reducing the time required to discover subtle vulnerabilities.
Major technology companies—including Apple, Microsoft, Google and Meta—have expanded investments in AI-powered secure software development and automated vulnerability discovery over the past year, viewing the technology as essential to defending increasingly complex software ecosystems.
Users Encouraged to Update Immediately
The security fixes are now available through:
iOS 26.5.2
iPadOS 26.5.2
macOS Tahoe 26.5.2
Safari 26.5.2
Users can install the updates through the Software Update section of their devices.
Although Apple emphasized that none of the vulnerabilities have been observed in active attacks, the company recommends updating immediately to ensure protection against future exploitation attempts. With AI rapidly accelerating both vulnerability discovery and exploit development, reducing the window between disclosure and patch installation has become an increasingly important component of modern cybersecurity.