Apple issued a broad set of security updates on May 11, targeting older iPhone, iPad and Mac models still running legacy OS versions. The patches address critical flaws in WebKit, the kernel, Wi‑Fi stacks and sandbox protections, covering releases such as macOS Tahoe 26.5, iOS 18.7.9, iPadOS 18.7.9, and older branches like iOS 16.7.16 and iOS 15.8.8.

These advisories detail privilege‑escalation paths, arbitrary code execution via Wi‑Fi, and multiple WebKit vulnerabilities that could bypass content security policies or corrupt memory. Apple credits researchers from Google Threat Analysis Group, Project Zero, Palo Alto Networks and others for discovering the issues, but notes none appear to be actively exploited in the wild. The updates also fix Gatekeeper bypasses, kernel memory disclosures and sandbox escape techniques across both current and legacy operating systems.

Apple continues to support devices released as far back as 2014, urging users to install the updates and reboot to activate kernel‑level patches. The company recommends avoiding unknown configuration profiles, suspicious links and untrusted apps, especially on older hardware that no longer receives feature updates. Installing these fixes now shields sensitive data and preserves the integrity of Safari‑based web views that rely on WebKit.