New Exploit Lets You Run iPadOS on an iPhone, but Only Below iOS 26.2 Beta 2

New Exploit Lets You Run iPadOS on an iPhone, but Only Below iOS 26.2 Beta 2
Courtesy: Duy Tran

Running iPadOS-style features on an iPhone sounded like a thing of the past. A new sandbox escape exploit has changed that again. It targets specific system services on iOS and works on versions up to iOS 26.2 beta 1. Apple closed the hole in iOS 26.2 beta 2, so anyone on newer firmware loses access to this trick.

Security researcher Hana Kim found the flaw in how the MobileGestalt subsystem talks to services like itunesstored and bookassetd. Kim documented the work in a write-up called “download28_sbx_escape” and shared working code on GitHub, which gives developers a clear reference instead of vague hints.

Don’t miss the best of The Mac Observer

Set us as a preferred source and our Apple reporting ranks higher in your Google Search results and Discover feed — one tap, no account changes.

Or get it by email

On X, users like Duy Tran and Huy Nguyen have already shown iPadOS running on an iPhone 17 Pro Max using this exploit.

Once the sandbox breaks, developers can flip internal switches that control layout and features. That is how they enable iPad-style split view and floating windows on an iPhone, lift sideloading limits, or switch on region-locked functions such as iPhone mirroring in the EU.

These projects used earlier MobileGestalt loopholes. Many of them now plan updates around this fresh entry point.

Steps if you want to stay eligible

  1. Check your exact device model and current iOS version.
  2. Visit an iOS signing status tracker and confirm whether iOS 26.1 is still open for your device.
  3. Back up your iPhone completely before you restore or downgrade.
  4. Restore or downgrade to iOS 26.1 only while Apple still signs that firmware.
  5. Stay away from iOS 26.2 beta 2 or later if you want to keep this option.
  6. Wait for updated tweak managers if you prefer a simple interface instead of command-line tools.
  7. Read the risks and accept that you trade some security and stability for control.

This exploit does not give you a full jailbreak, but it removes one of the biggest barriers by escaping the sandbox on a wide slice of modern firmware. For the first time in months, the jailbreak scene has both a new path and a clear reason to watch the next wave of tools.

Discussion

Join the discussionCommenting as a guest — your email is never published · Log in

Protected by Akismet — be kind, stay on topic.

This site uses Akismet to reduce spam. Learn how your comment data is processed.