A permissions issue was addressed with additional restrictions. This issue is fixed in visionOS 26.2, iOS 26.2 and iPadOS 26.2, watchOS 26.2, macOS Tahoe 26.2. An app may be able to access sensitive payment tokens.
References
| Link | Resource |
|---|---|
| https://support.apple.com/en-us/125884 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/125886 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/125890 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/125891 | Release Notes Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
18 Dec 2025, 20:15
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-284 |
18 Dec 2025, 19:47
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
| CWE | NVD-CWE-noinfo | |
| First Time |
Apple watchos
Apple iphone Os Apple visionos Apple ipados Apple Apple macos |
|
| References | () https://support.apple.com/en-us/125884 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/125886 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/125890 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/125891 - Release Notes, Vendor Advisory |
17 Dec 2025, 21:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-12-17 21:16
Updated : 2025-12-18 20:15
NVD link : CVE-2025-46288
Mitre link : CVE-2025-46288
CVE.ORG link : CVE-2025-46288
JSON object : View
Products Affected
apple
- watchos
- iphone_os
- visionos
- ipados
- macos
CWE