Apple iPadOS Apple iPad Operating System
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Apple iPadOS.
Recent Apple iPadOS Security Advisories
| Advisory | Title | Published |
|---|---|---|
| 126347 | iOS 18.7.5 and iPadOS 18.7.5 - Apple Security Content | February 11, 2026 |
| 126346 | iOS 26.3 and iPadOS 26.3 - Apple Security Content | February 11, 2026 |
| 125885 | iOS 18.7.3 and iPadOS 18.7.3 - Apple Security Content | December 12, 2025 |
| 125884 | iOS 26.2 and iPadOS 26.2 - Apple Security Content | December 12, 2025 |
| 125633 | iOS 18.7.2 and iPadOS 18.7.2 - Apple Security Content | November 5, 2025 |
| 125632 | iOS 26.1 and iPadOS 26.1 - Apple Security Content | November 3, 2025 |
| 125326 | iOS 26.0.1 and iPadOS 26.0.1 - Apple Security Content | September 29, 2025 |
| 125327 | iOS 18.7.1 and iPadOS 18.7.1 - Apple Security Content | September 29, 2025 |
| 125141 | iOS 16.7.12 and iPadOS 16.7.12 - Apple Security Content | September 15, 2025 |
| 125108 | iOS 26 and iPadOS 26 - Apple Security Content | September 15, 2025 |
EOL Dates
Ensure that you are using a supported version of Apple iPadOS. Here are some end of life, and end of support dates for Apple iPadOS.
| Release | EOL Date | Status |
|---|---|---|
| 26 | - |
Active
|
| 18 | - |
Active
|
| 17 | - |
Active
|
| 16 | March 31, 2025 |
EOL
Apple iPadOS 16 became EOL in 2025 and supported ended in 2023 |
| 15 | March 31, 2025 |
EOL
Apple iPadOS 15 became EOL in 2025 and supported ended in 2022 |
| 14 | October 1, 2021 |
EOL
Apple iPadOS 14 became EOL in 2021 and supported ended in 2021 |
| 13 | September 16, 2020 |
EOL
Apple iPadOS 13 became EOL in 2020 and supported ended in 2020 |
| 12 | September 24, 2019 |
EOL
Apple iPadOS 12 became EOL in 2019 and supported ended in 2019 |
By the Year
In 2026 there have been 49 vulnerabilities in Apple iPadOS with an average score of 5.8 out of ten. Last year, in 2025 iPadOS had 359 security vulnerabilities published. Right now, iPadOS is on track to have less security vulnerabilities in 2026 than it did last year. Last year, the average CVE base score was greater by 0.72
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 49 | 5.76 |
| 2025 | 359 | 6.47 |
| 2024 | 291 | 6.22 |
| 2023 | 267 | 6.79 |
| 2022 | 215 | 7.18 |
| 2021 | 336 | 6.91 |
| 2020 | 231 | 7.06 |
| 2019 | 34 | 5.30 |
It may take a day or so for new iPadOS vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Apple iPadOS Security Vulnerabilities
Safari DoS via Improper Memory Handling (pre-26.3)
CVE-2026-20652
7.5 - High
- February 11, 2026
The issue was addressed with improved memory handling. This issue is fixed in macOS Tahoe 26.3, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3, Safari 26.3. A remote attacker may be able to cause a denial-of-service.
Resource Exhaustion
Apple Safari 26.3 WebKit crash via memory handling flaw
CVE-2026-20644
6.5 - Medium
- February 11, 2026
The issue was addressed with improved memory handling. This issue is fixed in macOS Tahoe 26.3, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3, Safari 26.3. Processing maliciously crafted web content may lead to an unexpected process crash.
Buffer Overflow
macOS Crash via Improper Memory Handling Fixed in Sequoia 15.7.4
CVE-2026-20605
4.6 - Medium
- February 11, 2026
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26.3, macOS Sonoma 14.8.4. An app may be able to crash a system process.
Buffer Overflow
Apple OS DoS via Malicious File Handling (fixed in 26.3, 14.8.4, 15.7.4, 18.7.5)
CVE-2026-20609
4.4 - Medium
- February 11, 2026
The issue was addressed with improved memory handling. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents.
Out-of-bounds Read
Safari Crash via Malicious Web Content Fixed in 26.3
CVE-2026-20608
5.5 - Medium
- February 11, 2026
This issue was addressed through improved state management. This issue is fixed in macOS Tahoe 26.3, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3, Safari 26.3. Processing maliciously crafted web content may lead to an unexpected process crash.
Allocation of Resources Without Limits or Throttling
Apple OS Logging Leak Fixed in 26.3
CVE-2026-20649
5.5 - Medium
- February 11, 2026
A logging issue was addressed with improved data redaction. This issue is fixed in watchOS 26.3, iOS 26.3 and iPadOS 26.3, tvOS 26.3, macOS Tahoe 26.3. A user may be able to view sensitive user information.
Insecure Temporary File
Apple macOS/iOS Logic Issue Fixed 15.7.4/18.7.5/26.3/14.8.4
CVE-2026-20673
5.3 - Medium
- February 11, 2026
A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26.3, macOS Sonoma 14.8.4. Turning off "Load remote content in messages may not apply to all mail previews.
Directory Path Parsing Issue - Apple OS (pre-26.3,14.8.4,15.7.4,18.7.5)
CVE-2026-20653
5.5 - Medium
- February 11, 2026
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to access sensitive user data.
Directory traversal
CVE-2026-20645 UI State Flaw in iOS 26.3 & iPadOS 26.3 (Physical Access)
CVE-2026-20645
4.6 - Medium
- February 11, 2026
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An attacker with physical access to a locked device may be able to view sensitive user information.
Clickjacking
Apple OS 26.3: Memory Corruption CVE-2026-20700 Fixed
CVE-2026-20700
7.8 - High
- February 11, 2026
A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 and CVE-2025-43529 were also issued in response to this report.
Buffer Overflow
Apple OS Sandbox Escape via Permission Issue before 15.7.4
CVE-2026-20628
7.1 - High
- February 11, 2026
A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to break out of its sandbox.
Authorization
Apple iOS&iPadOS 26.3 Sensitive Data Leakage on Locked Devices
CVE-2026-20674
4.6 - Medium
- February 11, 2026
A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 26.3 and iPadOS 26.3. An attacker with physical access to a locked device may be able to view sensitive user information.
Information Disclosure
Safari memory handling crash (CVE-2026-20635)
CVE-2026-20635
4.3 - Medium
- February 11, 2026
The issue was addressed with improved memory handling. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3, Safari 26.3. Processing maliciously crafted web content may lead to an unexpected process crash.
Buffer Overflow
Apple macOS HID Bounds Check Crash (before 15.7.4)
CVE-2025-46301
5.7 - Medium
- February 11, 2026
The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4. A malicious HID device may cause an unexpected process crash.
Buffer Overflow
iOS/iPadOS Auth Issue Fixed in 26.3 & 18.7.5 Sensitive Data Access
CVE-2026-20678
5.5 - Medium
- February 11, 2026
An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An app may be able to access sensitive user data.
Information Disclosure
Root Priv Escalation via Path Handling in Apple iOS 26.3
CVE-2026-20615
7.8 - High
- February 11, 2026
A path handling issue was addressed with improved validation. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3. An app may be able to gain root privileges.
Directory traversal
Apple iOS 26.3 Fix: CVE-2026-20642 Allows Photos Access from Lock Screen
CVE-2026-20642
2.4 - Low
- February 11, 2026
An input validation issue was addressed. This issue is fixed in iOS 26.3 and iPadOS 26.3. A person with physical access to an iOS device may be able to access photos from the lock screen.
Authorization
Apple OS 26.3 Memory Handling Fix Prevents App-Induced System Termination
CVE-2026-20654
5.5 - Medium
- February 11, 2026
The issue was addressed with improved memory handling. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to cause unexpected system termination.
Buffer Overflow
Apple iOS/iPadOS Auth Bug Allows Sensitive Info Leak on Physical Access
CVE-2026-20655
- February 11, 2026
An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An attacker with physical access to a locked device may be able to view sensitive user information.
Apple macOS/iOS Sandbox Data Leak prior to 26.3/18.7.5
CVE-2026-20680
- February 11, 2026
The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3. A sandboxed app may be able to access sensitive user data.
iOS/iPadOS 26.3 Live Caller ID App Ext. Info Leak
CVE-2026-20638
5.5 - Medium
- February 11, 2026
A logic issue was addressed with improved checks. This issue is fixed in iOS 26.3 and iPadOS 26.3. A user with Live Caller ID app extensions turned off could have identifying information leaked to the extensions.
Authorization
Apple iOS/iPadOS Installed-Apps Enumeration via Logging (fixed 26.3)
CVE-2026-20663
3.3 - Low
- February 11, 2026
The issue was resolved by sanitizing logging. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An app may be able to enumerate a user's installed apps.
Insertion of Sensitive Information into Log File
Apple HID Bound-Check Crash (macOS/iOS) before 15.7.4/18.7.5
CVE-2025-46300
5.7 - Medium
- February 11, 2026
The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4. A malicious HID device may cause an unexpected process crash.
Buffer Overflow
Apple OS Image Parser Memory Disclosure (before 18.7.5/26.3)
CVE-2026-20634
5.5 - Medium
- February 11, 2026
The issue was addressed with improved memory handling. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. Processing a maliciously crafted image may result in disclosure of process memory.
Apple OS Image Disclosure Pre 26.3
CVE-2026-20675
5.5 - Medium
- February 11, 2026
The issue was addressed with improved bounds checks. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. Processing a maliciously crafted image may lead to disclosure of user information.
Out-of-bounds Read
Apple macOS/iOS HID bounds check flaw process crash (CVE-2025-46303)
CVE-2025-46303
5.7 - Medium
- February 11, 2026
The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4. A malicious HID device may cause an unexpected process crash.
Buffer Overflow
Apple macOS/iOS Kernel Mem Corrupt (pre-26.3/18.7.5)
CVE-2026-20621
- February 11, 2026
The issue was addressed with improved memory handling. This issue is fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to cause unexpected system termination or corrupt kernel memory.
Apple macOS/iOS path handling flaw enabling arbitrary file write (pre-26.3)
CVE-2026-20660
5.5 - Medium
- February 11, 2026
A path handling issue was addressed with improved logic. This issue is fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3, Safari 26.3. A remote user may be able to write arbitrary files.
Directory traversal
Safari Web Extension Tracking Flaw Fixed in 26.3
CVE-2026-20676
- February 11, 2026
This issue was addressed through improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, Safari 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extensions.
Apple iOS Safari History Leak before 18.7.5 (CVE202620656)
CVE-2026-20656
- February 11, 2026
A logic issue was addressed with improved validation. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, Safari 26.3, macOS Tahoe 26.3. An app may be able to access a user's Safari history.
Apple iOS 26.3 iPhone Mirroring Screenshot Flaw (Physical Access)
CVE-2026-20640
4.6 - Medium
- February 11, 2026
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3. An attacker with physical access to iPhone may be able to take and view screenshots of sensitive data from the iPhone during iPhone Mirroring with Mac.
Improper Check or Handling of Exceptional Conditions
Root via race condition on Apple OS v26.3
CVE-2026-20617
7 - High
- February 11, 2026
A race condition was addressed with improved state handling. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to gain root privileges.
Race Condition
Apple Notes Deleted Notes Leakage iOS/iPadOS 18.7.5/26.3
CVE-2026-20682
- February 11, 2026
A logic issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An attacker may be able to discover a users deleted notes.
Out-of-Bounds Write in USD File Parser Fixed in iOS 18.7.5 / macOS 14.8.4
CVE-2026-20616
6.5 - Medium
- February 11, 2026
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3. Processing a maliciously crafted USD file may lead to unexpected app termination.
Memory Corruption
Apple OS App-Discovery Priv. Bypass (watchOS 26.3 / tvOS 26.3 / macOS 15.7.4 / iOS 18.7.5)
CVE-2026-20641
7.1 - High
- February 11, 2026
A privacy issue was addressed with improved checks. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to identify what other apps a user has installed.
Information Disclosure
macOS Sandboxing Bypass via Symbolic Link Race (pre-26.3/14.8.4/18.7.5)
CVE-2026-20677
- February 11, 2026
A race condition was addressed with improved handling of symbolic links. This issue is fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. A shortcut may be able to bypass sandbox restrictions.
Apple Safari WebKit memory bug causes crashes before iOS 26.3
CVE-2026-20636
6.5 - Medium
- February 11, 2026
The issue was addressed with improved memory handling. This issue is fixed in iOS 26.3 and iPadOS 26.3, Safari 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash.
Buffer Overflow
Apple macOS/HID crash fixed in Sequoia 15.7.4, iOS 18.7.5
CVE-2025-46302
5.7 - Medium
- February 11, 2026
The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4. A malicious HID device may cause an unexpected process crash.
Buffer Overflow
iOS/iPadOS Auth Fix (26.3/18.7.5) Physical Access Data Leak
CVE-2026-20661
- February 11, 2026
An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, iOS 18.7.5 and iPadOS 18.7.5. An attacker with physical access to a locked device may be able to view sensitive user information.
Apple OS DoS via Bluetooth (CVE-2026-20650) fixed in 26.3
CVE-2026-20650
7.5 - High
- February 11, 2026
A denial-of-service issue was addressed with improved validation. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker in a privileged network position may be able to perform denial-of-service attack using crafted Bluetooth packets.
Resource Exhaustion
Apple OS Media OOB Crash, fixed v26.3/14.8.4/15.7.4
CVE-2026-20611
7.1 - High
- February 11, 2026
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
Out-of-bounds Read
Apple macOS SEQUOIA 15.7.4 / SONOMA 14.8.4 HID Crash via Bounds Check
CVE-2025-46305
5.7 - Medium
- February 11, 2026
The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4. A malicious HID device may cause an unexpected process crash.
Buffer Overflow
Apple OS Env Var Validation Flaw before 26.3
CVE-2026-20627
5.5 - Medium
- February 11, 2026
An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in watchOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An app may be able to access sensitive user data.
Improper Input Validation
Apple OS network logic flaw allows traffic interception (fixed 26.3 & 14.8.4)
CVE-2026-20671
3.1 - Low
- February 11, 2026
A logic issue was addressed with improved checks. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker in a privileged network position may be able to intercept network traffic.
Root Privilege Escalation in Apple OS before 15.7.4/26.3
CVE-2026-20626
7.8 - High
- February 11, 2026
This issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A malicious app may be able to gain root privileges.
AuthZ
Sandbox Bypass Logic Issue fixed in Apple OS 26.3
CVE-2026-20667
8.8 - High
- February 11, 2026
A logic issue was addressed with improved checks. This issue is fixed in watchOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 26.3 and iPadOS 26.3. An app may be able to break out of its sandbox.
Protection Mechanism Failure
Apple macOS/iOS HID bounds check crash (CVE-2025-46304)
CVE-2025-46304
5.7 - Medium
- February 11, 2026
The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4. A malicious HID device may cause an unexpected process crash.
Resource Exhaustion
App bypasses Privacy prefs in macOS 26.3 & iOS 18.7.5, fixed by removing code
CVE-2026-20606
7.1 - High
- February 11, 2026
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3. An app may be able to bypass certain Privacy preferences.
Information Disclosure
iOS 18.7.5: Path Traversal in Backup Restore Modifies System Files
CVE-2025-43537
3.5 - Low
- February 11, 2026
A path handling issue was addressed with improved validation. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5. Restoring a maliciously crafted backup file may lead to modification of protected system files.
Directory traversal
Apple iOS/watchOS: App ID Retrieval Privacy Issue Fixed in 18.7.3/26.2
CVE-2025-46279
9.8 - Critical
- December 17, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, tvOS 26.2. An app may be able to identify what other apps a user has installed.
Information Disclosure
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Apple iPadOS or by Apple? Click the Watch button to subscribe.
