{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-20656", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2025-11-11T14:43:07.865Z", "datePublished": "2026-02-11T22:58:23.667Z", "dateUpdated": "2026-04-02T18:15:52.101Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to access a user's Safari history"}]}], "affected": [{"vendor": "Apple", "product": "Safari", "versions": [{"version": "0", "status": "affected", "lessThan": "26.3", "versionType": "custom"}]}, {"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"version": "0", "status": "affected", "lessThan": "18.7.5", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"version": "0", "status": "affected", "lessThan": "26.3", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A logic issue was addressed with improved validation. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26.3. An app may be able to access a user's Safari history."}], "references": [{"url": "https://support.apple.com/en-us/126347"}, {"url": "https://support.apple.com/en-us/126348"}, {"url": "https://support.apple.com/en-us/126354"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-04-02T18:15:52.101Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-285", "lang": "en", "description": "CWE-285 Improper Authorization"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-02-18T15:07:38.995870Z", "id": "CVE-2026-20656", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-18T15:07:43.284Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-20656", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-18T15:07:38.995870Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-285", "description": "CWE-285 Improper Authorization"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-18T15:07:21.207Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "Safari", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "26.3", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "26.3", "versionType": "custom"}]}, {"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "18.7", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/126354"}, {"url": "https://support.apple.com/en-us/126348"}, {"url": "https://support.apple.com/en-us/126347"}], "descriptions": [{"lang": "en", "value": "A logic issue was addressed with improved validation. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, Safari 26.3, macOS Tahoe 26.3. An app may be able to access a user's Safari history."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "An app may be able to access a user's Safari history"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-02-11T22:58:23.667Z"}}}, "cveMetadata": {"cveId": "CVE-2026-20656", "state": "PUBLISHED", "dateUpdated": "2026-02-18T15:07:43.284Z", "dateReserved": "2025-11-11T14:43:07.865Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2026-02-11T22:58:23.667Z", "assignerShortName": "apple"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", "matchCriteriaId": "13054182-3C0A-47D3-AABE-2B248BA17814", "versionEndExcluding": "26.3", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "matchCriteriaId": "5DF4C0EE-C67C-4BA1-BB50-C51DEC72E486", "versionEndExcluding": "18.7.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "273784FD-F8F0-466D-AF6E-5511FF3781B7", "versionEndExcluding": "18.7.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1EEEE88-5ADA-4C55-9C7C-397E904408DD", "versionEndExcluding": "26.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A logic issue was addressed with improved validation. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26.3. An app may be able to access a user's Safari history."}, {"lang": "es", "value": "Un problema de l\u00f3gica se abord\u00f3 con validaci\u00f3n mejorada. Este problema se corrigi\u00f3 en iOS 18.7.5 y iPadOS 18.7.5, Safari 26.3, macOS Tahoe 26.3. Una aplicaci\u00f3n podr\u00eda acceder al historial de Safari de un usuario."}], "id": "CVE-2026-20656", "lastModified": "2026-04-02T19:21:18.573", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-02-11T23:16:08.427", "references": [{"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/126347"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/126348"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/126354"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-285"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,18.7)"}}], "product": "ios_and_ipados", "vendor": "apple"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,26.3)"}}], "product": "macos", "vendor": "apple"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,26.3)"}}], "product": "safari", "vendor": "apple"}], "analysis": {"en": {"generated_at": "2026-04-15T21:00:45.696289+00:00", "value": {"mitigation_remediation": ["Update Safari, iOS, iPadOS, or macOS to a version that incorporates the fix (Safari\u202f26.3+, iOS\u202f18.7.5+ and iPadOS\u202f18.7.5+).", "Revoke or limit app permissions that request access to web browsing data in system settings. ", "Ensure that only apps from trusted, verified sources are installed; regularly audit installed applications for unnecessary permissions. ", "Monitor Apple\u2019s support portal for any new advisories or patches if an update is not immediately available."], "summary": {"action": "Immediate Update", "impact": "Unauthorized Exposure of Browsing History"}, "threat_synthesis": {"affected_systems": "Apple Safari on macOS, iOS, and iPadOS are affected. The issue has been corrected in Safari 26.3, iOS 18.7.5, iPadOS 18.7.5, and macOS Tahoe 26.3. Users running earlier versions are potentially exposed.\n", "description_and_impact": "A logic flaw in Apple's web browsing components allows a developer or malicious application to read a user's Safari history without proper authorization. This privacy breach can expose sensitive personal information and browsing habits. The weakness is a classic example of an authentication bypass, classified as CWE-285. The vulnerability does not impact system integrity or availability but allows an attacker to gather low\u2011level user data, a concern for compliance and privacy.\n", "risk_and_exploitability": "The CVSS score of 3.3 denotes low severity; exploitation is straightforward if an application can be installed or already exists. The EPSS score of less than 1% suggests that exploitation is unlikely at present, and the vulnerability is not listed in CISA's KEV catalog. The most probable attack vector is local, where a user installs or uses an app that can read Safari history after the logic error is triggered. No additional conditions are required beyond the presence of an affected app.\n"}}}}, "created": "2026-02-12T09:02:47.904285+00:00", "updated": "2026-04-15T21:15:13.571762+00:00", "vendors": ["apple", "apple$PRODUCT$ios_and_ipados", "apple$PRODUCT$macos", "apple$PRODUCT$safari"]}