- Description
- The issue was addressed with improved bounds checks. This issue is fixed in Keynote 15.1, iOS 26 and iPadOS 26, macOS Tahoe 26. Processing a maliciously crafted Keynote file may disclose memory contents.
- Source
- product-security@apple.com
- NVD status
- Modified
- Products
- keynote, ipados, iphone_os, macos
CVSS 3.1
- Type
- Secondary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-125
- Hype score
- Not currently trending
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:keynote:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D682F73E-4A79-4BE5-AC6C-51C497A3BFE9",
"versionEndExcluding": "15.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C4221CFD-0208-42B8-AACA-1BE6AEC3BA9A",
"versionEndExcluding": "26.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "68DCA17A-424E-4EE3-B005-0F2E42407226",
"versionEndExcluding": "26.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "39AFEC84-CF6E-4859-8B5A-C5CF3F838A94",
"versionEndExcluding": "26.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]