CVE-2026-20686 — Vulnetix

Try Vulnetix Request Demo

CVE-2026-20686 PUBLISHED CVSS 5.300000190734863 MEDIUM

This issue was addressed with improved input validation. This issue is fixed in iOS 26.3 and iPadOS 26.3. An app may be able to access sensitive user data.

EPSS 0.02% · 4.7th percentile

Risk Scores

CVSS v3.1

5.300000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS Score

0.02%

4.7th percentile

Affected Products

Vendor	Product	Versions
apple	ipados	0, 0
Apple	iOS and iPadOS	0, 0
apple	iphone_os	0, 0

Timeline

Mar 25, 2026 EPSS Score
Mar 25, 2026 Coalition ESS Score
Mar 25, 2026 CVE Published
Mar 29, 2026 Security Advisory
Apr 2, 2026 CVE Updated

References

https://support.apple.com/en-us/126346 technical
https://nvd.nist.gov/vuln/detail/CVE-2026-20686 advisory

Open in Interactive Console →