CVE-2026-20656 | THREATINT

Description

A logic issue was addressed with improved validation. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, Safari 26.3, macOS Tahoe 26.3. An app may be able to access a user's Safari history.

PUBLISHED Reserved 2025-11-11 | Published 2026-02-11 | Updated 2026-02-18 | Assigner apple

Problem types

An app may be able to access a user's Safari history

Product status

Any version before 26.3

affected

Any version before 26.3

affected

Any version before 18.7

affected

References

support.apple.com/en-us/126354

support.apple.com/en-us/126348

support.apple.com/en-us/126347

cve.org (CVE-2026-20656)

nvd.nist.gov (CVE-2026-20656)

Download JSON