Xcode is a development environment for macOS. A buffer overflow vulnerability in Xcode may allow a user in a privileged network position to cause a denial-of-service. It was addressed with improved bounds checking in Xcode 26.1.
You're affected if you use Xcode 2025 through 43505 on macOS Sequoia 15.6 and later. Check with: xcrun --version or xcodebuild -version
Note: This is not related to Apple's public-facing products like iOS, watchOS, or tvOS.
Upgrade to Xcode 26.1 or later from the Mac App Store: https://apps.apple.com/us/app/xcode/id147830027
Immediate mitigations:
- Restrict network access to your Xcode instance (firewall it from the public internet)
- Audit Xcode launch activity for suspicious behavior
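
A scriptable form of the version check above, as an added example that is not part of the original advisory: it parses `xcodebuild -version` output and compares it numerically with the fixed release 26.1. The function names, status labels and the sample output are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: compare an installed Xcode version with the fixed release.
FIXED_VERSION="26.1"   # fixed release named in this advisory

# Extract "X.Y[.Z]" from `xcodebuild -version` output (first line: "Xcode X.Y").
parse_xcode_version() {
    printf '%s\n' "$1" |
        awk '$1 == "Xcode" && $2 ~ /^[0-9]+(\.[0-9]+)*$/ { print $2; exit }'
}

# Return 0 if dotted version $1 >= $2, comparing each component numerically
# (so 26.10 > 26.1 and 26.0.1 < 26.1; missing components count as 0).
version_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        max = (n > m) ? n : m
        for (i = 1; i <= max; i++) {
            xi = (i <= n) ? x[i] + 0 : 0
            yi = (i <= m) ? y[i] + 0 : 0
            if (xi > yi) exit 0
            if (xi < yi) exit 1
        }
        exit 0
    }'
}

# Print PATCHED, NEEDS_UPDATE or UNKNOWN (hypothetical labels) for the output.
xcode_status() {
    ver=$(parse_xcode_version "$1")
    if [ -z "$ver" ]; then
        echo "UNKNOWN"          # no parsable "Xcode X.Y" line, e.g. xcrun output
    elif version_ge "$ver" "$FIXED_VERSION"; then
        echo "PATCHED"
    else
        echo "NEEDS_UPDATE"
    fi
}

if command -v xcodebuild >/dev/null 2>&1; then
    # On a Mac with Xcode installed: check the active toolchain.
    xcode_status "$(xcodebuild -version 2>/dev/null)"
else
    # No Xcode on this host: run on constructed sample output instead.
    xcode_status "Xcode 16.4
Build version 16F6"
fi
```

An `UNKNOWN` result means the input had no `Xcode X.Y` line, so treat it as unverified rather than patched.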