CVE-2026-20625

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score

5.5 / 10

Vector String

                                        CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N                                    

Vulnerability Description

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7.4, macOS Tahoe 26.3, macOS Sonoma 14.8.4, visionOS 26.3. An app may be able to access sensitive user data.

Vulnerability Details

Published Date

February 11, 2026

Last Modified

February 12, 2026

CWE ID

CWE-22

Source

NVD

Vendor

Apple

Product

macOS, visionOS

External References

https://support.apple.com/en-us/126348
https://support.apple.com/en-us/126349
https://support.apple.com/en-us/126350
https://support.apple.com/en-us/126353

CVE-2026-20625

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment