CVE-2025-46288
published 2025-12-17CVE-2025-46288: A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, watchOS 26.2…
medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, watchOS 26.2. An app may be able to access sensitive payment tokens.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_26.2_and_ipados | — | — |
| apple | ios_and_ipados | < 26.2 | 26.2 |
| apple | ipados | < 26.2 | 26.2 |
| apple | iphone_os | < 26.2 | 26.2 |
| apple | macos | < 26.2 | 26.2 |
| apple | macos_tahoe | — | — |
| apple | visionos | < 26.2 | 26.2 |
| apple | visionos | — | — |
| apple | watchos | < 26.2 | 26.2 |
| apple | watchos | — | — |