VDB
CVE-2026-28855
CVE-2026-28855
PUBLISHED
CVSS 7.5 HIGH
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3. An app may be able to access protected user data.
EPSS 0.04% · 14.1th percentile
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
0.04%
14.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | macOS | 0, 0 |
| apple | iphone_os | 0, 0 |
| Apple | iOS and iPadOS | 0, 0 |
| apple | macos | 26.0, 26.0 |
| apple | ipados | 0, 0 |
Timeline
- Mar 25, 2026 EPSS Score
- Mar 25, 2026 Coalition ESS Score
- Mar 25, 2026 CVE Published
- Mar 29, 2026 Security Advisory
- Apr 2, 2026 CVE Updated
- May 18, 2026 EPSS Score
- May 19, 2026 EPSS Score
- May 20, 2026 EPSS Score
- May 21, 2026 EPSS Score
- May 22, 2026 EPSS Score
- May 23, 2026 EPSS Score
- May 24, 2026 EPSS Score