Apple has released macOS Tahoe 26.5.2 (build 25F84), a security update for all compatible Macs running Tahoe. There are no new features — this release exists to patch 32 security vulnerabilities, the majority of them in WebKit. It is available now via System Settings → General → Software Update, with a download of roughly 2.7 GB on Apple Silicon Macs.
What's Patched
- 23 fixes in WebKit and related technologies — the browser engine used by Safari, Mail, and every app that displays web content on your Mac.
- Several kernel vulnerabilities, shared with the matching iOS 26.5.2 and iPadOS 26.5.2 updates released the same day.
- Apple does not indicate that any of the vulnerabilities were exploited in the wild.
Because WebKit processes untrusted content from the web constantly, WebKit-heavy security updates are worth installing promptly even when no active exploitation has been reported.
Coming From 26.5 or 26.5.1?
macOS 26.5.2 rolls up everything in 26.5.1 (the June 1 fix for M5 Macs unexpectedly shutting down with content-filtering network extensions) on top of 26.5. Whichever build you are on, one update brings you fully current.
Older Macs
Safari updates carrying the same WebKit fixes are available for macOS Sequoia and Sonoma, and Apple seeded release candidates of Sequoia 15.7.8 and Sonoma 14.8.8 to testers the same day. If your Mac can't run Tahoe, watch for those updates in Software Update soon.
Should You Update?
Yes. A security-only update with a large WebKit payload and no feature changes is about as low-risk and high-value as macOS updates get. Back up first, keep your Mac plugged in, and install.