CVE-2022-26717

CVE Database · CVE-2022-26717

CVE-2022-26717

· HIGHModified

CVSS v3.1

8.8

EPSS

1.42%

Published

Nov 1, 2022

Modified

May 6, 2025

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5, iTunes 12.12.4 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-416CWE-416

Affected Products (7)

apple · itunes (up to 12.12.4)vulnerable

apple · safari (up to 15.5)vulnerable

apple · ipados (up to 15.5)vulnerable

apple · iphone_os (up to 15.5)vulnerable

apple · macos (up to 12.4)vulnerable

apple · tvos (up to 15.5)vulnerable

apple · watchos (up to 8.6)vulnerable