Apple has identified a critical security vulnerability in iOS that could be exploited by attackers to gain access to users' data. According to reports from the press, the company intends the forthcoming iOS 26.2 update to close the hole.
The flaw resides in WebKit, the browser engine used by Safari and other browsers on iOS. Exploitation would allow a malicious actor to send a specially crafted file to a device and potentially take control of an iPhone or iPad.
Apple found the problem affected multiple earlier versions of the operating system. The company decided not to issue the 18.7.3 update for users who remain on that branch of iOS. Owners of a range of iPhone models starting with iPhone 11 may be exposed to the vulnerability, yet not all devices that will not receive 18.7.3 can be upgraded to iOS 26.2. Apple has not provided specific guidance for users of such devices.