VDB
GCVE-110-NCSC-2026-102
GCVE-110-NCSC-2026-102
Advisory PublishedCVSS 5.3/10
An authorization vulnerability allowing apps to potentially access sensitive user data was resolved by enhancing state management in iOS 26.4, iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, visionOS 26.4, and watchOS 26.4.
Weaknesses (CWE)
CWE-522Insufficiently Protected CredentialsCWE-190Integer Overflow or WraparoundCWE-201Insertion of Sensitive Information Into Sent DataCWE-918Server-Side Request Forgery (SSRF)CWE-125Out-of-bounds ReadCWE-150Improper Neutralization of Escape, Meta, or Control SequencesCWE-288Authentication Bypass Using an Alternate Path or ChannelCWE-346Origin Validation ErrorCWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Risk Scores
CVSS 3.1
5.3/10
Medium · CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Apple | vers:unknown/* | — | — |
Aliases
CVE-2025-14524CVE-2025-55753CVE-2025-58098CVE-2025-59775CVE-2025-64505CVE-2025-65082CVE-2025-66200CVE-2026-20607CVE-2026-20631CVE-2026-20632CVE-2026-20633CVE-2026-20637CVE-2026-20639CVE-2026-20643CVE-2026-20651CVE-2026-20657CVE-2026-20660CVE-2026-20664CVE-2026-20665CVE-2026-20668CVE-2026-20684CVE-2026-20687CVE-2026-20688CVE-2026-20690CVE-2026-20691CVE-2026-20692CVE-2026-20693CVE-2026-20694CVE-2026-20695CVE-2026-20697CVE-2026-20698CVE-2026-20699CVE-2026-20701CVE-2026-28816CVE-2026-28817CVE-2026-28818CVE-2026-28820CVE-2026-28821CVE-2026-28822CVE-2026-28823CVE-2026-28824CVE-2026-28825CVE-2026-28826CVE-2026-28827CVE-2026-28828CVE-2026-28829CVE-2026-28831CVE-2026-28832CVE-2026-28833CVE-2026-28834CVE-2026-28835CVE-2026-28837CVE-2026-28838CVE-2026-28839CVE-2026-28841CVE-2026-28842CVE-2026-28844CVE-2026-28845CVE-2026-28852CVE-2026-28857CVE-2026-28859CVE-2026-28861CVE-2026-28862CVE-2026-28864CVE-2026-28865CVE-2026-28866CVE-2026-28867CVE-2026-28868CVE-2026-28870CVE-2026-28871CVE-2026-28876CVE-2026-28877CVE-2026-28878CVE-2026-28879CVE-2026-28880CVE-2026-28881CVE-2026-28882CVE-2026-28886CVE-2026-28888CVE-2026-28891CVE-2026-28892CVE-2026-28893CVE-2026-28894
References
Browse GCVE Records
72,921 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.