CVE-2026-20674

State: PUBLISHED · Published: 2026-02-11 · Updated: 2026-04-02 · Assigner: apple

Description

A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 26.3 and iPadOS 26.3. An attacker with physical access to a locked device may be able to view sensitive user information.

CWE

CWE-200 — CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

Affected

Apple / iOS and iPadOS — v=0 <26.3 [affected]

CVSS

(none)

References

https://support.apple.com/en-us/126346

Source

cvelistV5-main/cves/2026/20xxx/CVE-2026-20674.json