{"uuid": "c5b7cfe4-31dc-48ad-9aad-8e8bd3c6bf83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "name": "Security content of iOS 26.2 and iPadOS 26.2", "description": "# About the security content of iOS 26.2 and iPadOS 26.2 - Apple Support\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security releases](https://support.apple.com/en-us/100100) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](https://www.cve.org/About/Overview) when possible.\n\nFor more information about security, see the [Apple Product Security](https://support.apple.com/en-us/102549) page.\n\nReleased December 12, 2025\n\nAvailable for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later\n\nImpact: An app may be able to access sensitive payment tokens\n\nDescription: A permissions issue was addressed with additional restrictions.\n\nCVE-2025-46288: floeki, Zhongcheng Li from IES Red Team of ByteDance\n\nAvailable for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later\n\nImpact: Processing a file may lead to memory corruption\n\nDescription: The issue was addressed with improved bounds checks.\n\nCVE-2025-43539: Michael Reeves (@IntegralPilot)\n\nAvailable for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later\n\nImpact: An attacker may be able to spoof their FaceTime caller ID\n\nDescription: An inconsistent user interface issue was addressed with improved state management.\n\nCVE-2025-46287: an anonymous researcher, Riley Walz\n\nAvailable for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later\n\nImpact: Multiple issues in curl\n\nDescription: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at [cve.org](https://www.cve.org/).\n\nCVE-2024-7264\n\nCVE-2025-9086\n\nAvailable for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later\n\nImpact: Password fields may be unintentionally revealed when remotely controlling a device over FaceTime\n\nDescription: This issue was addressed with improved state management.\n\nCVE-2025-43542: Yi\u011fit Ocak\n\nAvailable for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later\n\nImpact: An app may be able to inappropriately access files through the spellcheck API\n\nDescription: A logic issue was addressed with improved checks.\n\nCVE-2025-43518: Noah Gregory (wts.dev)\n\nAvailable for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later\n\nImpact: Processing malicious data may lead to unexpected app termination\n\nDescription: A memory corruption issue was addressed with improved bounds checking.\n\nCVE-2025-43532: Andrew Calvano and Lucas Pinheiro of Meta Product Security\n\nAvailable for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later\n\nImpact: An app may be able to identify what other apps a user has installed\n\nDescription: A permissions issue was addressed with additional restrictions.\n\nCVE-2025-46279: Duy Tr\u1ea7n (@khanhduytran0)\n\nAvailable for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later\n\nImpact: An app may be able to gain root privileges\n\nDescription: An integer overflow was addressed by adopting 64-bit timestamps.\n\nCVE-2025-46285: Kaitao Xie and Xiaolong Bai of Alibaba Group\n\nAvailable for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later\n\nImpact: Processing a file may lead to memory corruption\n\nDescription: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at [cve.org](https://www.cve.org/).\n\nCVE-2025-5918\n\nAvailable for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later\n\nImpact: An app may be able to access user-sensitive data\n\nDescription: A logging issue was addressed with improved data redaction.\n\nCVE-2025-43475: Rosyna Keller of Totally Not Malicious Software\n\nAvailable for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later\n\nImpact: An app may be able to access sensitive user data\n\nDescription: An information disclosure issue was addressed with improved privacy controls.\n\nCVE-2025-46276: Rosyna Keller of Totally Not Malicious Software\n\nAvailable for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later\n\nImpact: A malicious HID device may cause an unexpected process crash\n\nDescription: Multiple memory corruption issues were addressed with improved input validation.\n\nCVE-2025-43533: Google Threat Analysis Group\n\nAvailable for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later\n\nImpact: Photos in the Hidden Photos Album may be viewed without authentication\n\nDescription: A configuration issue was addressed with additional restrictions.\n\nCVE-2025-43428: an anonymous researcher, Michael Schmutzer of Technische Hochschule Ingolstadt\n\nAvailable for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later\n\nImpact: An app may be able to access a user\u2019s Safari history\n\nDescription: A logging issue was addressed with improved data redaction.\n\nCVE-2025-46277: Kirin (@Pwnrin)\n\nAvailable for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later\n\nImpact: An app may be able to access sensitive user data\n\nDescription: A logging issue was addressed with improved data redaction.\n\nCVE-2025-43538: Iv\u00e1n Savransky\n\nAvailable for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later\n\nImpact: An app may be able to access user-sensitive data\n\nDescription: This issue was addressed with additional entitlement checks.\n\nCVE-2025-46292: Rosyna Keller of Totally Not Malicious Software\n\nAvailable for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later\n\nImpact: Processing maliciously crafted web content may lead to an unexpected Safari crash\n\nDescription: A type confusion issue was addressed with improved state handling.\n\nWebKit Bugzilla: 301257\n\nCVE-2025-43541: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative\n\nAvailable for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later\n\nImpact: Processing maliciously crafted web content may lead to an unexpected process crash\n\nDescription: A use-after-free issue was addressed with improved memory management.\n\nWebKit Bugzilla: 301726\n\nCVE-2025-43536: Nan Wang (@eternalsakura13)\n\nAvailable for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later\n\nImpact: Processing maliciously crafted web content may lead to an unexpected process crash\n\nDescription: The issue was addressed with improved memory handling.\n\nWebKit Bugzilla: 300774\n\nWebKit Bugzilla: 301338\n\nCVE-2025-43535: Google Big Sleep, Nan Wang (@eternalsakura13)\n\nAvailable for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later\n\nImpact: Processing maliciously crafted web content may lead to an unexpected process crash\n\nDescription: A buffer overflow issue was addressed with improved memory handling.\n\nWebKit Bugzilla: 301371\n\nCVE-2025-43501: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative\n\nAvailable for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later\n\nImpact: Processing maliciously crafted web content may lead to an unexpected process crash\n\nDescription: A race condition was addressed with improved state handling.\n\nWebKit Bugzilla: 301940\n\nCVE-2025-43531: Phil Pizlo of Epic Games\n\nAvailable for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later\n\nImpact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 was also issued in response to this report.\n\nDescription: A use-after-free issue was addressed with improved memory management.\n\nWebKit Bugzilla: 302502\n\nCVE-2025-43529: Google Threat Analysis Group\n\nAvailable for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later\n\nImpact: Processing maliciously crafted web content may lead to memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-43529 was also issued in response to this report.\n\nDescription: A memory corruption issue was addressed with improved validation.\n\nWebKit Bugzilla: 303614\n\nCVE-2025-14174: Apple and Google Threat Analysis Group\n\nAvailable for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 8th generation and later, and iPad mini 5th generation and later\n\nImpact: Processing maliciously crafted web content may lead to an unexpected process crash\n\nDescription: A use-after-free issue was addressed with improved memory management.\n\nWebKit Bugzilla: 300926\n\nCVE-2025-43511: \uc774\ub3d9\ud558 (Lee Dong Ha of BoB 14th)\n\nWe would like to acknowledge an anonymous researcher for their assistance.\n\nWe would like to acknowledge Mickey Jin (@patch1t) for their assistance.\n\nWe would like to acknowledge Golden Helm Securities for their assistance.\n\nWe would like to acknowledge Mochammad Nosa Shandy Prastyo for their assistance.\n\nWe would like to acknowledge Richard Hyunho Im (@richeeta) at Route Zero Security (routezero.security) for their assistance.\n\nWe would like to acknowledge Geva Nurgandi Syahputra (gevakun) for their assistance.\n\nInformation about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. [Contact the vendor](https://support.apple.com/103190) for additional information.\n\nPublished Date:\u00a0December 12, 2025", "creation_timestamp": "2025-12-16T06:48:31.589489+00:00", "timestamp": "2025-12-16T06:48:44.893170+00:00", "related_vulnerabilities": ["CVE-2025-46285", "CVE-2025-43542", "CVE-2025-43536", "CVE-2025-43541", "CVE-2025-43539", "CVE-2025-43529", "CVE-2025-43501", "CVE-2024-7264", "CVE-2025-43532", "CVE-2025-43531", "CVE-2025-43475", "CVE-2025-43535", "CVE-2025-43511", "CVE-2025-5918", "CVE-2025-46287", "CVE-2025-46276", "CVE-2025-43538", "CVE-2025-14174", "CVE-2025-43428", "CVE-2025-43533", "CVE-2025-43518", "CVE-2025-46277", "CVE-2025-46292", "CVE-2025-46288", "CVE-2025-9086", "CVE-2025-46279"], "author": {"login": "adulau", "name": "Alexandre Dulaunoy", "uuid": "c933734a-9be8-4142-889e-26e95c752803"}}