An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 26.1 and iPadOS 26.1, Pages 15.1, macOS Tahoe 26.1. Processing a maliciously crafted Pages document may result in unexpected termination or disclosure of process memory.
References
| Link | Resource |
|---|---|
| https://support.apple.com/en-us/125632 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/125634 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/126255 | Release Notes Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
30 Jan 2026, 16:50
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://support.apple.com/en-us/125632 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/125634 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/126255 - Release Notes, Vendor Advisory | |
| First Time |
Apple pages
Apple iphone Os Apple ipados Apple Apple macos |
|
| CPE | cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* cpe:2.3:a:apple:pages:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* |
28 Jan 2026, 20:16
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-125 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.3 |
28 Jan 2026, 18:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-01-28 18:16
Updated : 2026-01-30 16:50
NVD link : CVE-2025-46316
Mitre link : CVE-2025-46316
CVE.ORG link : CVE-2025-46316
JSON object : View
Products Affected
apple
- iphone_os
- ipados
- pages
- macos
CWE
CWE-125
Out-of-bounds Read