CVE-2026-20641

Published Feb 11, 2026

Last updated 20 days ago

CVSS high 7.1

Overview

Description: A privacy issue was addressed with improved checks. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to identify what other apps a user has installed.
Source: product-security@apple.com
NVD status: Analyzed
Products: ipados, iphone_os, macos, tvos, visionos, watchos

Risk scores

CVSS 3.1

Type: Secondary
Base score: 7.1
Impact score: 5.2
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Severity: HIGH

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-200

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "5DF4C0EE-C67C-4BA1-BB50-C51DEC72E486",
            "versionEndExcluding": "18.7.5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "00E2601B-7453-4C8B-A307-EF7BC5BF2E84",
            "versionEndExcluding": "26.3",
            "versionStartIncluding": "26.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "273784FD-F8F0-466D-AF6E-5511FF3781B7",
            "versionEndExcluding": "18.7.5",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "951073F9-924E-4D9C-8DA1-64E284326CC5",
            "versionEndExcluding": "26.3",
            "versionStartIncluding": "26.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "E899D2A7-973C-4A46-B479-C245E5DFABE9",
            "versionEndExcluding": "14.8.4",
            "versionStartIncluding": "14.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "A5F7A1AF-3DD7-4FA1-BF78-4855F83BB463",
            "versionEndExcluding": "15.7.4",
            "versionStartIncluding": "15.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "0488A377-7971-4703-8823-05BF1E23CF48",
            "versionEndExcluding": "26.3",
            "versionStartIncluding": "26.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "60137BD4-65B6-4962-B1E5-5F4EE279489B",
            "versionEndExcluding": "26.3",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "388EDB3F-A14E-4922-B88A-F1CB6DE50A2A",
            "versionEndExcluding": "26.3",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "F406F3D2-0AF3-4F83-A123-2AC07B3B094E",
            "versionEndExcluding": "26.3",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References