CVE-2025-46292

EUVD-2025-203960
This issue was addressed with additional entitlement checks. This issue is fixed in iOS 26.2 and iPadOS 26.2, iOS 18.7.3 and iPadOS 18.7.3. An app may be able to access user-sensitive data.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CISA-ADPADP
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 1%
Affected Products (NVD)
VendorProductVersion
appleipados
𝑥
< 18.7.3
appleipados
26.0 ≤
𝑥
< 26.2
appleiphone_os
𝑥
< 18.7.3
appleiphone_os
26.0 ≤
𝑥
< 26.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.apple.com/en-us/125884
https://support.apple.com/en-us/125885