Apple issues urgent patch for actively exploited zero-day across iPhone, iPad, Macs and more
Apple has released emergency security updates to fix CVE-2026-20700, a zero-day vulnerability that was actively exploited in targeted attacks across iPhone, iPad, Mac, Apple Watch, Apple TV, Safari and related OS components. The flaw could allow arbitrary code execution, and attackers had already used it in the wild. Apple urges users to update to the latest versions (iOS 26.3, iPadOS 26.3, macOS Tahoe 26.3, watchOS 26.3, tvOS 26.3, visionOS 26.3, and Safari 26.3) immediately and enable automatic updates. Updating closes the attackers’ window of opportunity, so keep devices plugged in and connected during install.