Apple Ios 26.3 And Ipados vulnerabilities

CVE-2026-20677 [CRITICAL] CVE-2026-20677: iOS 26.3 and iPadOS 26.3 Apple Security Update: About the security content of iOS 26.3 and iPadOS 26.3 Product: iOS 26.3 and iPadOS Version: 26.3 CVE: CVE-2026-20677 Component: Messages Impact: A shortcut may be able to bypass sandbox restrictions Description: A race condition was addressed with improved handling of symbolic links.

CVE-2026-20606 [HIGH] CVE-2026-20606: iOS 26.3 and iPadOS 26.3 Apple Security Update: About the security content of iOS 26.3 and iPadOS 26.3 Product: iOS 26.3 and iPadOS Version: 26.3 CVE: CVE-2026-20606 Component: UIKit Impact: An app may be able to bypass certain Privacy preferences Description: This issue was addressed by removing the vulnerable code.

CVE-2026-20626 [HIGH] CVE-2026-20626: iOS 26.3 and iPadOS 26.3 Apple Security Update: About the security content of iOS 26.3 and iPadOS 26.3 Product: iOS 26.3 and iPadOS Version: 26.3 CVE: CVE-2026-20626 Component: Kernel Impact: A malicious app may be able to gain root privileges Description: This issue was addressed with improved checks.

CVE-2026-20641 [HIGH] CVE-2026-20641: iOS 26.3 and iPadOS 26.3 Apple Security Update: About the security content of iOS 26.3 and iPadOS 26.3 Product: iOS 26.3 and iPadOS Version: 26.3 CVE: CVE-2026-20641 Component: StoreKit Impact: An app may be able to identify what other apps a user has installed Description: A privacy issue was addressed with improved checks.

CVE-2026-20611 [HIGH] CVE-2026-20611: iOS 26.3 and iPadOS 26.3 Apple Security Update: About the security content of iOS 26.3 and iPadOS 26.3 Product: iOS 26.3 and iPadOS Version: 26.3 CVE: CVE-2026-20611 Component: CoreAudio Impact: Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory Description: An out-of-bounds access issue was addressed with improved bounds checking.

CVE-2026-20649 [HIGH] CVE-2026-20649: iOS 26.3 and iPadOS 26.3 Apple Security Update: About the security content of iOS 26.3 and iPadOS 26.3 Product: iOS 26.3 and iPadOS Version: 26.3 CVE: CVE-2026-20649 Component: Game Center Impact: A user may be able to view sensitive user information Description: A logging issue was addressed with improved data redaction.

CVE-2025-59375 [HIGH] CVE-2025-59375: iOS 26.3 and iPadOS 26.3 Apple Security Update: About the security content of iOS 26.3 and iPadOS 26.3 Product: iOS 26.3 and iPadOS Version: 26.3 CVE: CVE-2025-59375 Component: CVE-2025-59375 Impact: An app may be able to break out of its sandbox Description: A logic issue was addressed with improved checks.

CVE-2026-20628 [HIGH] CVE-2026-20628: iOS 26.3 and iPadOS 26.3 Apple Security Update: About the security content of iOS 26.3 and iPadOS 26.3 Product: iOS 26.3 and iPadOS Version: 26.3 CVE: CVE-2026-20628 Component: Sandbox Impact: An app may be able to break out of its sandbox Description: A permissions issue was addressed with additional restrictions.

CVE-2026-20652 [HIGH] CVE-2026-20652: iOS 26.3 and iPadOS 26.3 Apple Security Update: About the security content of iOS 26.3 and iPadOS 26.3 Product: iOS 26.3 and iPadOS Version: 26.3 CVE: CVE-2026-20652 Component: WebKit Impact: A remote attacker may be able to cause a denial-of-service Description: The issue was addressed with improved memory handling.

CVE-2025-43529 [HIGH] CVE-2025-43529: iOS 26.3 and iPadOS 26.3 Apple Security Update: About the security content of iOS 26.3 and iPadOS 26.3 Product: iOS 26.3 and iPadOS Version: 26.3 CVE: CVE-2025-43529 Component: CoreServices Impact: An app may be able to access sensitive user data Description: An issue existed in the handling of environment variables. This issue was addressed with improved validation.

CVE-2026-20667 [HIGH] CVE-2026-20667: iOS 26.3 and iPadOS 26.3 Apple Security Update: About the security content of iOS 26.3 and iPadOS 26.3 Product: iOS 26.3 and iPadOS Version: 26.3 CVE: CVE-2026-20667 Component: CVE-2025-59375 Impact: An app may be able to break out of its sandbox Description: A logic issue was addressed with improved checks.

CVE-2026-20700 [HIGH] CVE-2026-20700: iOS 26.3 and iPadOS 26.3 Apple Security Update: About the security content of iOS 26.3 and iPadOS 26.3 Product: iOS 26.3 and iPadOS Version: 26.3 CVE: CVE-2026-20700 Component: CoreServices Impact: An app may be able to access sensitive user data Description: An issue existed in the handling of environment variables. This issue was addressed with improved validation.

CVE-2025-14174 [HIGH] CVE-2025-14174: iOS 26.3 and iPadOS 26.3 Apple Security Update: About the security content of iOS 26.3 and iPadOS 26.3 Product: iOS 26.3 and iPadOS Version: 26.3 CVE: CVE-2025-14174 Component: CoreServices Impact: An app may be able to access sensitive user data Description: An issue existed in the handling of environment variables. This issue was addressed with improved validation.

CVE-2026-20660 [HIGH] CVE-2026-20660: iOS 26.3 and iPadOS 26.3 Apple Security Update: About the security content of iOS 26.3 and iPadOS 26.3 Product: iOS 26.3 and iPadOS Version: 26.3 CVE: CVE-2026-20660 Component: CFNetwork Impact: A remote user may be able to write arbitrary files Description: A path handling issue was addressed with improved logic.

CVE-2026-20617 [HIGH] CVE-2026-20617: iOS 26.3 and iPadOS 26.3 Apple Security Update: About the security content of iOS 26.3 and iPadOS 26.3 Product: iOS 26.3 and iPadOS Version: 26.3 CVE: CVE-2026-20617 Component: CoreServices Impact: An app may be able to gain root privileges Description: A race condition was addressed with improved state handling.

CVE-2026-20650 [HIGH] CVE-2026-20650: iOS 26.3 and iPadOS 26.3 Apple Security Update: About the security content of iOS 26.3 and iPadOS 26.3 Product: iOS 26.3 and iPadOS Version: 26.3 CVE: CVE-2026-20650 Component: Bluetooth Impact: An attacker in a privileged network position may be able to perform denial-of-service attack using crafted Bluetooth packets Description: A denial-of-service issue was addressed with improved validation.

CVE-2026-28855 [HIGH] CVE-2026-28855: iOS 26.3 and iPadOS 26.3 Apple Security Update: About the security content of iOS 26.3 and iPadOS 26.3 Product: iOS 26.3 and iPadOS Version: 26.3 CVE: CVE-2026-28855 Component: Screen Time Impact: An app may be able to access protected user data Description: A permissions issue was addressed with additional restrictions.

CVE-2026-20615 [HIGH] CVE-2026-20615: iOS 26.3 and iPadOS 26.3 Apple Security Update: About the security content of iOS 26.3 and iPadOS 26.3 Product: iOS 26.3 and iPadOS Version: 26.3 CVE: CVE-2026-20615 Component: CoreServices Impact: An app may be able to gain root privileges Description: A path handling issue was addressed with improved validation.

CVE-2026-20682 [MEDIUM] CVE-2026-20682: iOS 26.3 and iPadOS 26.3 Apple Security Update: About the security content of iOS 26.3 and iPadOS 26.3 Product: iOS 26.3 and iPadOS Version: 26.3 CVE: CVE-2026-20682 Component: Screenshots Impact: An attacker may be able to discover a user’s deleted notes Description: A logic issue was addressed with improved state management.

CVE-2026-20653 [MEDIUM] CVE-2026-20653: iOS 26.3 and iPadOS 26.3 Apple Security Update: About the security content of iOS 26.3 and iPadOS 26.3 Product: iOS 26.3 and iPadOS Version: 26.3 CVE: CVE-2026-20653 Component: Shortcuts Impact: An app may be able to access sensitive user data Description: A parsing issue in the handling of directory paths was addressed with improved path validation.