Apple released updates for iOS, iPadOS, macOS, and Safari, fixing WebKit flaws, four of which were found using AI tools like Claude and Codex
Apple pushed out security updates for iOS, iPadOS, macOS, and Safari on Monday, and this round comes with a twist worth noticing. Four of the WebKit vulnerabilities patched were found using AI tools, including Anthropic’s Claude and OpenAI’s Codex Security. That’s not a small detail. It changes who’s doing the hunting on the defensive side.
The company addressed four bugs in WebKit, the engine that powers Safari and anything else on Apple devices that renders web content.
Below are the descriptions of the vulnerabilities:
- CVE-2026-43707 – A memory corruption vulnerability in WebKit that can cause an unexpected process crash when handling specially crafted web content.
- CVE-2026-43716 – A WebKit vulnerability that can trigger an unexpected Safari crash when processing maliciously crafted web content.
- CVE-2026-43745 – An out-of-bounds write flaw in WebKit that can cause Safari to crash when a user visits specially crafted web content.
- CVE-2026-43715 – A use-after-free vulnerability in WebKit that can lead to memory corruption when processing maliciously crafted web content.
They’re part of a much bigger patch load. Apple’s advisory lists close to 30 fixes across WebKit alone, including a use-after-free in WebKit Canvas and a flaw that let a malicious website pull restricted content out of the browser sandbox. On the kernel side, three separate bugs could have let a malicious app leak kernel state, crash the system outright, or corrupt kernel memory. Security researcher Hyunwoo Kim, known for finding the Dirty Frag exploit, gets credit for two of those kernel issues.
The updates are live now: iOS 26.5.2, iPadOS 26.5.2, macOS Tahoe 26.5.2, and Safari 26.5.2. Apple says none of the patched vulnerabilities show signs of having been exploited before the fix shipped. Update anyway, obviously; that’s not really optional advice anymore.
Why the timing matters more than usual
Here’s the part that’s actually new. Apple told Reuters it’s pushing these fixes out ahead of schedule, separate from the next full iOS release, because of how fast AI can now turn a known flaw into a working exploit.
“Unless security experts discover a hacking campaign targeting a previously unknown software flaw, Apple usually releases security updates as part of a move from one version of iOS to the next, for example from the currently available version – 26.5 – to the next planned update, 26.6. In the interim, developers and other testers trial the next update to iron out any kinks,” Reuters states. “The company said that, instead, the latest round of security updates were being made available to everyone ahead of the wider release of 26.6. It said that while there was no evidence that any of the newly patched vulnerabilities had been taken advantage of, the time between the point when security fixes were first announced and when they were deployed to customers’ phones needed to be compressed.”
That’s a real departure from how Apple normally operates. The company typically bundles security fixes into the next big iOS version bump rather than shipping standalone patches. Reuters described this as “a notable change in Apple’s longstanding practice of packaging security fixes with broader software releases”, which tells you Apple sees the AI-acceleration problem as structural, not a one-off.
The Hacker News confirms that the patches address “flaws, including four vulnerabilities in WebKit that were discovered using artificial intelligence (AI) tools.” The same tools that can find these bugs for defenders can, in different hands, help find them for attackers. The race just got faster on both sides.
The irony is hard to miss. AI helped researchers find these flaws, but it’s also making it easier for attackers to discover and exploit bugs more quickly. That’s why Apple is moving faster to release security updates and reduce the time attackers have to take advantage of them.
If you’ve been delaying your updates, now is a good time to install them. While most of these flaws mainly cause crashes, attackers can often combine them with other vulnerabilities to carry out more serious attacks.
