Apple’s latest security updates cover more than 30 vulnerabilities across its full device lineup — and for the first time, AI systems from two major AI companies appear in the official credit lines alongside the human researchers who found the bugs.
Four WebKit CVEs Credited to AI-Assisted Security Research
The updates span iOS 26.2, iPadOS 26.2, macOS Tahoe 26.2, Safari 26.2, tvOS 26.2, watchOS 26.2, and visionOS 26.2. Collectively they address more than 30 vulnerabilities covering memory corruption, use-after-free conditions, out-of-bounds writes, and sandbox escape scenarios. The WebKit-specific fixes comprise six patches, four of which carry formal credit to AI systems operating alongside human researchers.
This is the first public Apple security update to formally credit AI systems as co-discoverers of patched vulnerabilities. The inclusion of AI credits in an official vendor advisory from Apple — the largest mobile platform by active device count — signals a measurable shift in how automated tooling is participating in mainstream vulnerability research.
OpenAI Codex Security Finds Three WebKit Memory and Crash Bugs
OpenAI Codex Security is credited with discovering three of the four AI-identified WebKit vulnerabilities. CVE-2026-43707 is a memory corruption condition that causes an unexpected crash in the WebKit rendering process. CVE-2026-43716 produces an unexpected Safari browser crash. CVE-2026-43745 is an out-of-bounds write vulnerability that leads to unexpected application termination.
The three Codex Security findings span distinct vulnerability classes — memory corruption, browser crash, and out-of-bounds write — indicating that AI-assisted tooling can surface diverse bug types within the same codebase rather than converging on a single pattern or a narrow region of the attack surface.
Anthropic Researchers and Claude Jointly Credited for CVE-2026-43715
The fourth AI-assisted WebKit discovery is CVE-2026-43715, a use-after-free vulnerability with potential for memory corruption. Credit is shared by Anthropic researchers Milad Nasr and Nicholas Carlini alongside Claude. The co-credit structure — naming specific human researchers alongside the AI system — reflects a collaborative discovery model rather than a fully autonomous pipeline.
Use-after-free vulnerabilities in a browser engine carry meaningful security risk. A malicious web page that successfully triggers a use-after-free in WebKit can produce memory corruption that, depending on conditions, may be exploitable to achieve code execution or information disclosure within the browser process.
Additional High-Severity WebKit Fixes: Canvas Use-After-Free and Sandbox Escape
Beyond the four AI-credited discoveries, the release addresses two additional high-severity WebKit vulnerabilities that users should factor into their update priority.
CVE-2026-43720 is a use-after-free in WebKit Canvas, the subsystem responsible for hardware-accelerated 2D graphics rendering. CVE-2026-43725 is a more structurally significant issue: a malicious website can trigger the processing of restricted web content outside the browser sandbox boundary, undermining the isolation layer that separates web content from the host system.
Why CVE-2026-43725’s Sandbox Escape Changes the Risk Calculation
A sandbox escape in WebKit is categorically different from a crash-inducing memory corruption bug. Most WebKit memory corruption vulnerabilities, if exploitable, require chaining with a second vulnerability to escape the browser’s sandbox and reach the operating system. CVE-2026-43725 removes that requirement for any exploit chain that targets it: a malicious site that successfully triggers the flaw gains a path outside the sandbox without a second stage.
The full scope of the patch release — more than 30 vulnerabilities — extends beyond the six WebKit fixes. Apple’s updates cover iOS, iPadOS, macOS, Safari, tvOS, watchOS, and visionOS in a single coordinated release, and users and administrators should apply the updates across all Apple device categories immediately.
The formal crediting of AI systems as co-discoverers in a vendor advisory from a company of Apple’s scale is unlikely to remain unusual for long. As AI-assisted vulnerability research matures, the credits visible in security advisories will increasingly reflect the automated analysis tools operating alongside human researchers — not just as accelerators, but as named contributors to the bugs that get patched.
