What is CVE-2022-26761?

CVE-2022-26761 is a vulnerability in Apple Macos. Published 2022-05-26.

Is CVE-2022-26761 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Apple Macos

CVE-2022-26761

A memory corruption issue was addressed with improved memory handling. This issue is fixed in Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges.

EPSS: 0.002 (43.9th percentile) — read the EPSS interpretation.

Affected products

Apple Macos — versions unspecified
Apple Security Update - Catalina — versions unspecified

Public proof-of-concept exploits

ARPSyndicate/cvemon
didi/kemon

References

support.apple.com/en-us/HT213255 (x_refsource_MISC)
support.apple.com/en-us/HT213256 (x_refsource_MISC)

Frequently asked questions

What is CVE-2022-26761?: CVE-2022-26761 is a vulnerability in Apple Macos. Published 2022-05-26.
Is CVE-2022-26761 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.