CVE-2026-20678
published 2026-02-11CVE-2026-20678: An authorization issue was addressed with improved state management. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3. An app may…
medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
An authorization issue was addressed with improved state management. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3. An app may be able to access sensitive user data.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_18.7.5_and_ipados | — | — |
| apple | ios_26.3_and_ipados | — | — |
| apple | ios_and_ipados | < 18.7.5 | 18.7.5 |
| apple | ios_and_ipados | < 26.3 | 26.3 |
| apple | ipados | < 18.7.5 | 18.7.5 |
| apple | ipados | >= 26.0 < 26.3 | 26.3 |
| apple | iphone_os | < 18.7.5 | 18.7.5 |
| apple | iphone_os | >= 26.0 < 26.3 | 26.3 |