A logic issue was addressed with improved checks. This issue is fixed in watchOS 26.3, macOS Tahoe 26.3, macOS Sonoma 14.8.4, macOS Sequoia 15.7.4, iOS 26.3 and iPadOS 26.3. An app may be able to break out of its sandbox.
References
| Link | Resource |
|---|---|
| https://support.apple.com/en-us/126346 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/126348 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/126349 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/126350 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/126352 | Release Notes Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
13 Feb 2026, 20:17
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-693 |
12 Feb 2026, 18:29
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://support.apple.com/en-us/126346 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/126348 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/126349 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/126350 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/126352 - Release Notes, Vendor Advisory | |
| First Time |
Apple watchos
Apple iphone Os Apple ipados Apple Apple macos |
|
| CWE | NVD-CWE-noinfo | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
| CPE | cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* |
11 Feb 2026, 23:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-02-11 23:16
Updated : 2026-02-13 20:17
NVD link : CVE-2026-20667
Mitre link : CVE-2026-20667
CVE.ORG link : CVE-2026-20667
JSON object : View
Products Affected
apple
- iphone_os
- ipados
- macos
- watchos
CWE