CVE-2026-20648

Summary

A privacy issue was addressed by moving sensitive data to a protected location. This issue is fixed in macOS Tahoe 26.3. A malicious app may be able to access notifications from other iCloud devices.

Affected Software

VendorProductVersion RangeStatus
ApplemacOS0 < 26.3affected

Weaknesses

  • A malicious app may be able to access notifications from other iCloud devices

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References