Apple's iOS 26.5.2 Patches Critical Kernel Bug Found by Baidu Security Team
Apple dropped iOS and iPadOS 26.5.2 on Tuesday, a security-focused update that patches nearly 30 vulnerabilities — including a kernel-level bug that could let attackers corrupt memory and crash devices.
The update (build 23F84) arrives 28 days after the last point release. Apple’s release notes are characteristically terse: “This update provides security fixes for your iPhone.” The full disclosure tells a bigger story.
Most of the fixes target WebKit, the rendering engine that powers Safari and every iOS browser (regulation requires all browsers on iOS to use WebKit). WebRTC, Apple’s real-time communication framework, also received patches. But one vulnerability demands attention.
Tracked as CVE-2026-39868, the kernel bug affects iPhone 11 and all newer models, along with a wide range of iPads — third-generation 12.9-inch iPad Pro and later, first-generation 11-inch iPad Pro and later, third-generation iPad Air and later, eighth-generation iPad and later, and fifth-generation iPad mini and later. An attacker exploiting it could trigger unexpected system termination or corrupt kernel memory.
What makes it unusual is who found it. Ye Zhang (@VAR10CK) from Baidu Security, Vladislav Shevchenko from Positive Technologies, and Billy Jheng Bing-Jhong and Pan Zhenpeng from STAR Lab all independently identified the same flaw. Four researchers across three organizations converging on one bug is rare, and it points to a vulnerability that was both subtle and severe.
Apple also released macOS 26.5.2 alongside the mobile update, addressing the same WebKit and kernel issues on Macs.
The full list of affected devices:
iPhone 11 and later, third-generation 12.9-inch iPad Pro and later, first-generation 11-inch iPad Pro and later, third-generation iPad Air and later, eighth-generation iPad and later, fifth-generation iPad mini and later.
For anyone running iOS 26, this is an easy call. Fixes for kernel memory corruption are not the kind of update to put off.