Fixed: An app may be able to access sensitive user data
WatchOSApple
About the security content of watchOS 26
watchOS 26
Released September 15, 2025
Apple Neural Engine
- Available for: Apple Watch Series 9 and later, Apple Watch SE 2nd generation, Apple Watch Ultra (all models)
- Impact: An app may be able to cause unexpected system termination
- Description: An out-of-bounds access issue was addressed with improved bounds checking.
- CVE-2025-43344: an anonymous researcher
AppleMobileFileIntegrity
- Available for: Apple Watch Series 6 and later
- Impact: An app may be able to access sensitive user data
- Description: A permissions issue was addressed with additional restrictions.
- CVE-2025-43317: Mickey Jin (@patch1t)
AudioBOLD
- Available for: Apple Watch Series 6 and later
- Impact: Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory
- Description: An out-of-bounds access issue was addressed with improved bounds checking.
- CVE-2025-43346: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative
Bluetooth
- Available for: Apple Watch Series 6 and later
- Impact: An app may be able to access sensitive user data
- Description: A logging issue was addressed with improved data redaction.
- CVE-2025-43354: Csaba Fitzl (@theevilbit) of Kandji
- CVE-2025-43303: Csaba Fitzl (@theevilbit) of Kandji
CoreAudio
- Available for: Apple Watch Series 6 and later
- Impact: Processing a maliciously crafted video file may lead to unexpected app termination
- Description: An out-of-bounds write issue was addressed with improved input validation.
- CVE-2025-43349: @zlluny working with Trend Micro Zero Day Initiative
CoreMedia
Available for: Apple Watch Series 6 and later
Impact: Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory
Description: The issue was addressed with improved input validation.
CVE-2025-43372: 이동하 (Lee Dong Ha) of SSA Lab
IOHIDFamily
- Available for: Apple Watch Series 6 and later
- Impact: An app may be able to cause unexpected system termination
- Description: An out-of-bounds write issue was addressed with improved bounds checking.
- CVE-2025-43302: Keisuke Hosoda
IOKit- Available for: Apple Watch Series 6 and later
- Impact: An app may be able to access sensitive user data
- Description: An authorization issue was addressed with improved state management.
- CVE-2025-31255: Csaba Fitzl (@theevilbit) of Kandji
Kernel
Available for: Apple Watch Series 6 and later
Impact: A UDP server socket bound to a local interface may become bound to all interfaces
Description: A logic issue was addressed with improved state management.
CVE-2025-43359: Viktor Oreshkin
MobileStorageMounter
- Available for: Apple Watch Series 6 and later
- Impact: An app may be able to cause a denial-of-service
- Description: A type confusion issue was addressed with improved memory handling.
- CVE-2025-43355: Dawuge of Shuffle Team
Sandbox
- Available for: Apple Watch Series 6 and later
- Impact: An app may be able to break out of its sandbox
- Description: A permissions issue was addressed with additional restrictions.
- CVE-2025-43329: an anonymous researcher
Spell Check
- Available for: Apple Watch Series 6 and later
- Impact: An app may be able to access sensitive user data
- Description: A parsing issue in the handling of directory paths was addressed with improved path validation.
- CVE-2025-43190: Noah Gregory (wts.dev)
SQLite
- Available for: Apple Watch Series 6 and later
- Impact: Processing a file may lead to memory corruption
- Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.
- CVE-2025-6965
System
- Available for: Apple Watch Series 6 and later
- Impact: An input validation issue was addressed
- Description: This issue was addressed by removing the vulnerable code.
- CVE-2025-43347: JZ, Seo Hyun-gyu (@wh1te4ever), Luke Roberts (@rookuu)
WebKit
- Available for: Apple Watch Series 6 and later
- Impact: A website may be able to access sensor information without user consent
- Description: The issue was addressed with improved handling of caches.
- WebKit Bugzilla: 296153
- CVE-2025-43356: Jaydev Ahire
WebKit
- Available for: Apple Watch Series 6 and later
- Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash
- Description: The issue was addressed with improved memory handling.
- WebKit Bugzilla: 294550
- CVE-2025-43272: Big Bear
WebKit
- Available for: Apple Watch Series 6 and later
- Impact: Processing maliciously crafted web content may lead to an unexpected process crash
- Description: The issue was addressed with improved memory handling.
- WebKit Bugzilla: 296490
- CVE-2025-43343: an anonymous researcher
WebKit
- Available for: Apple Watch Series 6 and later
- Impact: Processing maliciously crafted web content may lead to an unexpected process crash
- Description: A correctness issue was addressed with improved checks.
- WebKit Bugzilla: 296042
- CVE-2025-43342: an anonymous researcherwatchOS 26
- Released September 15, 2025
Apple Neural Engine
- Available for: Apple Watch Series 9 and later, Apple Watch SE 2nd generation, Apple Watch Ultra (all models)
- Impact: An app may be able to cause unexpected system termination
- Description: An out-of-bounds access issue was addressed with improved bounds checking.
- CVE-2025-43344: an anonymous researcher
AppleMobileFileIntegrity
- Available for: Apple Watch Series 6 and later
- Impact: An app may be able to access sensitive user data
- Description: A permissions issue was addressed with additional restrictions.
- CVE-2025-43317: Mickey Jin (@patch1t)
Audio
- Available for: Apple Watch Series 6 and later
- Impact: Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory
- Description: An out-of-bounds access issue was addressed with improved bounds checking.
- CVE-2025-43346: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative
Bluetooth
- Available for: Apple Watch Series 6 and later
- Impact: An app may be able to access sensitive user data
- Description: A logging issue was addressed with improved data redaction.
- CVE-2025-43354: Csaba Fitzl (@theevilbit) of Kandji
- CVE-2025-43303: Csaba Fitzl (@theevilbit) of Kandji
CoreAudio
- Available for: Apple Watch Series 6 and later
- Impact: Processing a maliciously crafted video file may lead to unexpected app termination
- Description: An out-of-bounds write issue was addressed with improved input validation.
- CVE-2025-43349: @zlluny working with Trend Micro Zero Day Initiative
CoreMedia
- Available for: Apple Watch Series 6 and later
- Impact: Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory
- Description: The issue was addressed with improved input validation.
- CVE-2025-43372: 이동하 (Lee Dong Ha) of SSA Lab
IOHIDFamily
- Available for: Apple Watch Series 6 and later
- Impact: An app may be able to cause unexpected system termination
- Description: An out-of-bounds write issue was addressed with improved bounds checking.
- CVE-2025-43302: Keisuke Hosoda
IOKit
- Available for: Apple Watch Series 6 and later
- Impact: An app may be able to access sensitive user data
- Description: An authorization issue was addressed with improved state management.
- CVE-2025-31255: Csaba Fitzl (@theevilbit) of Kandji
Kernel
- Available for: Apple Watch Series 6 and later
- Impact: A UDP server socket bound to a local interface may become bound to all interfaces
- Description: A logic issue was addressed with improved state management.
- CVE-2025-43359: Viktor Oreshkin
-
MobileStorageMounter - Available for: Apple Watch Series 6 and later
- Impact: An app may be able to cause a denial-of-service
- Description: A type confusion issue was addressed with improved memory handling.
- CVE-2025-43355: Dawuge of Shuffle Team
Sandbox
- Available for: Apple Watch Series 6 and later
- Impact: An app may be able to break out of its sandbox
- Description: A permissions issue was addressed with additional restrictions.
- CVE-2025-43329: an anonymous researcher
Spell Check
- Available for: Apple Watch Series 6 and later
- Impact: An app may be able to access sensitive user data
- Description: A parsing issue in the handling of directory paths was addressed with improved path validation.
- CVE-2025-43190: Noah Gregory (wts.dev)
SQLite
- Available for: Apple Watch Series 6 and later
- Impact: Processing a file may lead to memory corruption
- Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.
- CVE-2025-6965
System
- Available for: Apple Watch Series 6 and later
- Impact: An input validation issue was addressed
- Description: This issue was addressed by removing the vulnerable code.
- CVE-2025-43347: JZ, Seo Hyun-gyu (@wh1te4ever), Luke Roberts (@rookuu)
WebKit
- Available for: Apple Watch Series 6 and later
- Impact: A website may be able to access sensor information without user consent
- Description: The issue was addressed with improved handling of caches.
- WebKit Bugzilla: 296153
- CVE-2025-43356: Jaydev Ahire
WebKit
- Available for: Apple Watch Series 6 and later
- Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash
- Description: The issue was addressed with improved memory handling.
- WebKit Bugzilla: 294550
- CVE-2025-43272: Big Bear
WebKit
- Available for: Apple Watch Series 6 and later
- Impact: Processing maliciously crafted web content may lead to an unexpected process crash
- Description: The issue was addressed with improved memory handling.
- WebKit Bugzilla: 296490
- CVE-2025-43343: an anonymous researcher
WebKit
- Available for: Apple Watch Series 6 and later
- Impact: Processing maliciously crafted web content may lead to an unexpected process crash
- Description: A correctness issue was addressed with improved checks.
- WebKit Bugzilla: 296042
- CVE-2025-43342: an anonymous researcher
