macOS Sequoia Security Patches in 2026: Every Fix That Matters
I follow Mac security news obsessively. Objective-See's blog, Jamf Threat Labs reports, SentinelOne's research, Patrick Wardle's talks. When Apple pushes a macOS update, I do not just click Install. I read the security content page first.
Most people see "Update Available" and either install immediately or snooze it for three weeks. Neither approach is informed. The first is fine as a habit, but you should understand what you are installing. The second is genuinely dangerous, because some of these patches close vulnerabilities that attackers are already exploiting against real people.
Here is what Apple has patched in macOS Sequoia so far, why it matters, and what it does not fix.
The zero-days: vulnerabilities exploited before Apple patched them
These are the ones that keep me up at night. A zero-day is a flaw attackers were already exploiting before a patch existed, often before Apple knew about it. By the time you see "Update Available," someone has already been hit.
CVE-2025-24085 -- CoreMedia privilege escalation (January 2025)
The first zero-day of the Sequoia era. This use-after-free vulnerability in CoreMedia, the framework that handles audio and video processing on your Mac, allowed a malicious application to escalate its privileges. Apple's advisory says it "may have been actively exploited against versions of iOS before iOS 17.2," a release from December 2023, meaning attackers had potentially been using it for over a year before the fix landed in macOS Sequoia 15.3.
CISA added it to their Known Exploited Vulnerabilities catalog and required federal agencies to patch by February 19, 2025. That is how seriously the government took this one.
CVE-2025-24201 -- WebKit sandbox escape (March 2025)
This one is particularly alarming. An out-of-bounds write flaw in WebKit allowed maliciously crafted web content to break out of the Web Content sandbox. In plain terms: visiting the wrong webpage could let an attacker escape the browser's safety container and access your system.
Apple described the attack using this vulnerability as "extremely sophisticated" and aimed at "specific targeted individuals," and noted that the patch was a supplementary fix for an attack already blocked in iOS 17.2. Reports at the time linked it to a chain dubbed Glass Cage, said to combine this WebKit flaw with the CoreMedia bug (CVE-2025-24085) for zero-click kernel-level access through iMessage; Apple's advisory does not mention that chain, so treat the attribution as reported rather than confirmed. Apple patched it in macOS Sequoia 15.3.2.
CVE-2025-31200 and CVE-2025-31201 -- CoreAudio and RPAC (April 2025)
Apple issued emergency patches in macOS Sequoia 15.4.1 for two zero-days that were being chained together in targeted attacks. CVE-2025-31200 was a memory corruption flaw in CoreAudio: processing an audio stream in a maliciously crafted media file could lead to code execution. CVE-2025-31201 affected RPAC, a component tied to Pointer Authentication (PAC), the Apple silicon hardware feature that cryptographically signs return addresses and other pointers to block code-reuse attacks; an attacker who already had arbitrary read and write could use it to bypass PAC. The first bug gets the attacker in, the second defeats the mitigation that would otherwise stop a corrupted pointer from being used.
Google's Threat Analysis Group, which tracks state-sponsored hacking, co-discovered CVE-2025-31200 with Apple. That tells you the caliber of threat actor exploiting these flaws. Apple said they targeted "specific targeted individuals," which typically means journalists, activists, or executives in the crosshairs of nation-state surveillance.
CVE-2025-14174 and CVE-2025-43529 -- WebKit double zero-day (December 2025)
Two more WebKit zero-days, patched in macOS Sequoia 15.7.3 as part of a 46-vulnerability update. CVE-2025-14174 was a memory corruption flaw (CVSS 8.8) that also affected Chrome, which Google patched two days earlier. CVE-2025-43529 was a use-after-free in WebKit enabling arbitrary code execution. Both could be exploited by simply visiting a malicious webpage. No downloads, no clicks beyond navigating to the page.
CVE-2026-20700 -- dyld memory corruption (February 2026)
The first zero-day of 2026 and the most recent one as I write this. A memory corruption vulnerability in dyld, the dynamic linker that loads every application on your Mac. An attacker with memory write capability could execute arbitrary code. Apple confirmed it was exploited in "extremely sophisticated" attacks and patched it across the entire ecosystem. The fix arrived in macOS Sequoia 15.7.4 on February 11, 2026.
The AirBorne vulnerabilities: your network is the attack surface
In April 2025, researchers at Oligo Security disclosed AirBorne, a collection of 23 vulnerabilities in Apple's AirPlay protocol and SDK. These findings fundamentally changed how I think about network-level Mac security.
The critical chain combines CVE-2025-24252 (an AirPlay use-after-free) with CVE-2025-24206 (a user interaction bypass) to achieve zero-click remote code execution on any Mac with AirPlay receiver enabled and set to "Anyone on the same network" or "Everyone." No user interaction required. The attacker just needs to be on the same Wi-Fi network.
What makes AirBorne especially concerning:
| Property | Detail |
|----------|--------|
| Attack type | Zero-click remote code execution |
| Wormable | Yes -- can spread device to device automatically |
| Requires user interaction | No |
| Network requirement | Same Wi-Fi network as target |
| Affected devices | Any Mac with AirPlay Receiver on and set to "Anyone on the same network" or "Everyone" |
| Third-party impact | Extends to any device using Apple's AirPlay SDK |
Apple shipped the macOS side of the AirPlay fixes in macOS Sequoia 15.4 on March 31, 2025, about a month before Oligo's public disclosure. But here is the catch: third-party devices using Apple's AirPlay SDK, think smart TVs and speakers, remain vulnerable until their manufacturers push firmware updates. Many never will.
If you have not already, go to System Settings, then General, then AirDrop and Handoff, and set AirPlay Receiver to "Current User" or disable it entirely if you do not use it. This is one of the security settings you should change regardless.
WebKit: the vulnerability that keeps giving
WebKit deserves its own section because it is the single most frequently patched component in macOS Sequoia. Safari uses it directly, and any app that shows web content through a WKWebView (Mail's message rendering, login windows in third-party apps, embedded help pages) uses it too. Chrome and Firefox on macOS ship their own engines (Blink and Gecko), so a WebKit patch does not reach them and their engine bugs need their own updates; on iOS, by contrast, every browser is required to use WebKit.
Across the Sequoia lifecycle, Apple has patched WebKit vulnerabilities in nearly every single security update. The pattern is consistent: memory corruption, out-of-bounds reads and writes, use-after-free flaws, and type confusion issues. Many of these allow arbitrary code execution through crafted web content.
The three WebKit zero-days I covered above (CVE-2025-24201, CVE-2025-14174, CVE-2025-43529) are just the ones attackers exploited before patches existed. Dozens more WebKit vulnerabilities were patched proactively across Sequoia 15.3 through 15.7.4.
This matters because the web browser is the single largest attack surface on your Mac. Every link you click, every page you visit, every embedded video or ad is processed by WebKit. A single unpatched WebKit flaw means any webpage could potentially compromise your system.
Kernel vulnerabilities: the deepest level
The kernel is the core of macOS. It manages memory, processes, hardware access, and security boundaries. When an attacker gets kernel-level access, it is game over: the sandbox, SIP, and TCC boundaries that contain ordinary processes no longer apply, so they can read any file and intercept any communication. Persistence across reboots is harder on Apple silicon, where the sealed system volume and secure boot limit what even a kernel compromise can modify, but nothing in the running session is protected from it.
macOS Sequoia 15.3 alone patched multiple kernel vulnerabilities including CVE-2025-24118 (a race condition that could leak kernel memory), CVE-2025-24117 (an information disclosure flaw), and several others addressing null pointer dereferences and memory handling issues. Subsequent updates through 15.7.4 continued to address kernel-level flaws in each release.
The February 2026 dyld zero-day (CVE-2026-20700) is particularly concerning because dyld operates at such a fundamental level. Every single application on your Mac goes through the dynamic linker when it launches. A vulnerability there has an enormous blast radius.
Why these patches matter more than you think
Three patterns stand out when I look at the Sequoia patch timeline as a whole.
The attacks are getting more sophisticated. Apple keeps using the phrase "extremely sophisticated attack against specific targeted individuals." They used it for CVE-2025-24201, for CVE-2025-31200, for CVE-2026-20700. These are not script kiddies. These are well-resourced threat actors, often with state backing, developing exploit chains that cost millions of dollars to build.
Zero-click attacks are the new normal. Several Sequoia-era vulnerabilities need no action from the victim: the AirBorne chain fires against any Mac on the same network with the receiver open, and the CoreAudio flaw triggers when a crafted media file is processed, which a messaging app can do on arrival. The WebKit bugs still need a page to render, but an attacker can put that page in front of you through a link, an ad, or a message preview. This breaks the old "just be careful what you click" advice. You can do everything right and still be compromised.
Exploit chains are getting longer and more creative. Attackers are not relying on single vulnerabilities anymore. The reported Glass Cage chain paired CVE-2025-24085 with CVE-2025-24201 for a full zero-click compromise. The April 2025 attacks paired CVE-2025-31200 with CVE-2025-31201 to get code execution and then bypass Pointer Authentication. Each individual flaw might seem moderate in isolation, but combined they achieve complete system takeover.
What macOS patches do not fix
Here is where I need to be direct, even though it serves my commercial interest. Apple's security patches are essential, but they only address a specific category of problem. As someone who has been building CoreLock and studying these threat reports for years, I can tell you exactly where the gaps remain.
Third-party application vulnerabilities. Apple patches macOS, not the apps running on it. If your browser extensions, productivity tools, or utilities have their own security flaws, no macOS update will fix that. This is why monitoring what is actually running on your system matters.
Permission creep from apps you have already authorized. When you grant an app full disk access, camera permission, or microphone access, that permission persists indefinitely. Even if the app later gets compromised through a supply chain attack, it retains all the access you originally granted. Apple's patches do not audit or revoke permissions you have already given. You need to review those settings yourself.
Behavioral anomalies between patches. There is always a window between when a vulnerability is exploited and when Apple patches it. For the zero-days above, that window ranged from days to potentially over a year. During that window, the only defense is detecting unusual behavior on your system, anomalous network connections, unexpected privilege escalation, processes that should not be running.
Social engineering. There is no CVE for someone convincing you to enter your password on a phishing site or install a trojanized app. Antivirus alone is not enough precisely because the human element is unpatchable.
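The between-patch signals described above, a binary executing from a download or temp location and a binary that fails code-signature verification, can be checked with a short shell triage over the process table. This is an added example and not CoreLock's code: the sample process table is constructed inline so it runs offline, the set of "suspicious" locations is a hypothetical heuristic, and on macOS it assumes `ps -axo pid=,comm=` prints the executable path and `codesign --verify` is available.

```shell
#!/bin/sh
# Added example (not CoreLock's code): triage running processes for two
# cheap between-patch signals: executing from a drop location, and failing
# code-signature verification.

# Hypothetical heuristic: locations where a freshly downloaded or dropped
# payload typically runs from. Tune for your environment.
suspicious_location() {
  case "$1" in
    */Downloads/*|/tmp/*|/private/tmp/*|/Users/Shared/*) return 0 ;;
    *) return 1 ;;
  esac
}

# codesign --verify exits non-zero for unsigned or tampered binaries.
# Off macOS there is nothing to check, so the signature is treated as ok.
signature_ok() {
  command -v codesign >/dev/null 2>&1 || return 0
  codesign --verify --strict "$1" >/dev/null 2>&1
}

# triage: read "pid path" lines on stdin and print "pid flags path".
# flags is "ok" or a comma-separated list of what tripped.
triage() {
  while read -r pid path; do
    [ -n "$path" ] || continue
    flags=""
    suspicious_location "$path" && flags="suspicious-location"
    signature_ok "$path" || flags="${flags:+$flags,}unsigned"
    printf '%s %s %s\n' "$pid" "${flags:-ok}" "$path"
  done
}

# Constructed sample process table for offline runs. On macOS the real one
# comes from: ps -axo pid=,comm=   (assumption: comm is the executable path)
SAMPLE='101 /Applications/Safari.app/Contents/MacOS/Safari
202 /Users/alice/Downloads/installer/updater
303 /private/tmp/.x/node'

# flagged_count: how many sample processes tripped the location heuristic.
flagged_count() {
  printf '%s\n' "$SAMPLE" | triage | grep -c suspicious-location
}

# Stand-alone run: show the sample verdicts, then the live table on macOS.
printf '%s\n' "$SAMPLE" | triage
if [ "$(uname)" = Darwin ]; then
  ps -axo pid=,comm= | triage | grep -v ' ok ' || true
fi
```

The verdict line keeps the path, so a hit can be followed up with `codesign -dv --verbose=2` on the binary and `lsof -p` on the pid to see what it has open and who it is talking to.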
How to actually stay protected
Based on everything I have tracked across Sequoia's security timeline, here is what I recommend.
1. Enable automatic updates and do not delay them. Go to System Settings, then General, then Software Update, and turn on automatic updates. When you see a security update notification, install it that day. Not next week. The zero-days I listed above were all being actively exploited before patches landed. Every day you delay is a day you are exposed.
2. Understand what each update fixes. You do not need to read every CVE, but checking Apple's security content pages tells you whether an update addresses actively exploited vulnerabilities. If it does, that is a drop-everything-and-update situation. If it is proactive patching, you have a bit more breathing room, but you should still update within a few days.
3. Audit your AirPlay and network settings. After the AirBorne disclosures, this is non-negotiable. Disable AirPlay Receiver if you do not use it. If you do use it, set it to "Current User" rather than "Anyone on the same network." Treat shared Wi-Fi as hostile: a VPN protects the traffic you send out, but it does not stop another device on the same LAN from connecting to a service your Mac is listening on, so turning the receiver off is what actually removes the AirBorne exposure.
4. Review your app permissions regularly. Go through System Settings, then Privacy and Security, and audit which apps have access to your camera, microphone, files, and accessibility features. Remove access from anything that does not need it. Do you even know which apps have camera access right now?
5. Monitor what is happening between patches. This is where I will mention CoreLock, because it is genuinely relevant. Patches fix known vulnerabilities after they are discovered. But the zero-days I described above were exploited for weeks or months before patches existed. During that window, the only defense is behavioral detection: identifying unusual processes, unexpected network connections, or permission changes that signal something is wrong. That is exactly what CoreLock is built to do.
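Steps 1 through 4 can be turned into a one-shot audit script. This is an added example, not CoreLock's code or an Apple tool: the fix-version table is copied from the zero-days listed in this post, and the macOS-specific checks assume the `com.apple.SoftwareUpdate` preference keys named below, that an enabled AirPlay Receiver listens on TCP port 7000, and that the user TCC database has an `access` table with `service`, `client` and `auth_value` columns (2 meaning allowed). Those checks run only on macOS; the version logic runs anywhere.

```shell
#!/bin/sh
# Added example (not CoreLock's or Apple's code): audit patch level,
# update policy, AirPlay exposure and camera/mic grants on a Mac.

# Fix versions taken from the zero-days in this post: fixver CVE component
EXPLOITED_FIXES='15.3 CVE-2025-24085 CoreMedia
15.3.2 CVE-2025-24201 WebKit
15.4.1 CVE-2025-31200 CoreAudio
15.4.1 CVE-2025-31201 RPAC
15.7.3 CVE-2025-14174 WebKit
15.7.3 CVE-2025-43529 WebKit
15.7.4 CVE-2026-20700 dyld'

# version_lt A B: succeed if dotted version A is numerically below B,
# so 15.3 < 15.3.2 and 15.9 < 15.10, while 15.7.4 is not below 15.7.4.
version_lt() {
  a="$1"; b="$2"
  while [ -n "$a" ] || [ -n "$b" ]; do
    ai="${a%%.*}"; bi="${b%%.*}"
    if [ "$a" = "$ai" ]; then a=""; else a="${a#*.}"; fi
    if [ "$b" = "$bi" ]; then b=""; else b="${b#*.}"; fi
    [ "${ai:-0}" -lt "${bi:-0}" ] && return 0
    [ "${ai:-0}" -gt "${bi:-0}" ] && return 1
  done
  return 1
}

# missing_fixes VERSION: list every known-exploited CVE whose fix shipped
# in a build newer than VERSION.
missing_fixes() {
  printf '%s\n' "$EXPLOITED_FIXES" | while read -r fixver cve comp; do
    if version_lt "$1" "$fixver"; then
      printf '%s (%s) fixed in %s\n' "$cve" "$comp" "$fixver"
    fi
  done
}

# count_missing VERSION: number of missing fixes, for scripting.
count_missing() { missing_fixes "$1" | wc -l | tr -d ' '; }

darwin_checks() {
  ver="$(sw_vers -productVersion)"
  echo "macOS $ver"
  if [ "$(count_missing "$ver")" -gt 0 ]; then
    echo "MISSING known-exploited fixes:"; missing_fixes "$ver"
  else
    echo "all zero-day fixes listed in this post are present"
  fi

  # Step 1: automatic update policy. Assumption: these keys live in
  # /Library/Preferences/com.apple.SoftwareUpdate; an absent key reads as 0.
  for key in AutomaticCheckEnabled AutomaticDownload CriticalUpdateInstall AutomaticallyInstallMacOSUpdates; do
    v="$(defaults read /Library/Preferences/com.apple.SoftwareUpdate "$key" 2>/dev/null || echo 0)"
    [ "$v" = 1 ] || echo "WARN: $key is not enabled"
  done

  # Step 3: AirPlay Receiver exposure. Assumption: the receiver listens on
  # TCP 7000 when enabled. A listener means it is on; then check whether
  # "Allow AirPlay for" is set to Current User or wider.
  if lsof -nP -iTCP:7000 -sTCP:LISTEN >/dev/null 2>&1; then
    echo "WARN: AirPlay Receiver is listening on TCP 7000"
  fi

  # Step 4: who holds camera/microphone grants. Reading the user TCC
  # database requires Full Disk Access for your terminal. Assumption:
  # access(service, client, auth_value) with auth_value 2 = allowed.
  sqlite3 "$HOME/Library/Application Support/com.apple.TCC/TCC.db" \
    "select service, client from access where auth_value = 2 and service in ('kTCCServiceCamera','kTCCServiceMicrophone');" \
    2>/dev/null || echo "INFO: could not read TCC.db (grant Full Disk Access to inspect)"
}

if [ "$(uname)" = Darwin ]; then darwin_checks; fi
```

Full Disk Access and Accessibility grants live in the system database at `/Library/Application Support/com.apple.TCC/TCC.db`, which needs `sudo` plus Full Disk Access to read; the same query works there once you have it.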
The bottom line
Apple patched at least seven actively exploited zero-day vulnerabilities in macOS Sequoia between January 2025 and February 2026, plus hundreds of additional security flaws found through internal research and responsible disclosure. That is not a sign that macOS is insecure. It is a sign that Apple has a massive attack surface and, to their credit, they are patching aggressively.
But patching alone is not enough. Every one of those zero-days was exploited before a patch existed. Between updates, your Mac's security depends on what you are monitoring, what permissions you have granted, and whether you would notice if something went wrong.
Stay updated. Stay informed. And pay attention to what is running on your machine.