Apple rolled out iOS 26.5.2 on Monday, packing more than 25 security fixes that primarily target web browsing vulnerabilities. The update arrives just under a month after iOS 26.5.1 and focuses heavily on WebKit, with over 15 of the patches addressing issues in the browser engine that powers Safari.

Among the most concerning vulnerabilities were two WebKit flaws that could expose sensitive information through maliciously crafted web content. One cross-origin issue was fixed by improving security origin tracking, while another required validation improvements. Apple also addressed a WebKit Storage vulnerability that let malicious sites hijack clipboard data silently, plus multiple issues causing Safari crashes and memory corruption.

Three kernel vulnerabilities received patches as well, including one that could leak sensitive kernel states and two others allowing apps to corrupt system memory or trigger unexpected shutdowns. These fixes strengthen core iOS protections against more serious exploitation.

AppleInsider recommends installing iOS 26.5.2 immediately, especially since web browsing represents such a common attack vector. Unlike beta versions that may introduce bugs, this security-focused update stabilizes existing protections without adding experimental features that could compromise stability.