Description
The issue was addressed with improved handling of caches. This issue is fixed in iOS 26.1 and iPadOS 26.1. A malicious app may be able to track users between installs.
Published: 2025-11-04
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Information disclosure via user tracking
Action: Immediate patch
AI Analysis

Impact

A flaw in cache handling in iOS and iPadOS allows a malicious application to persist identifiers across uninstallation and reinstallation. An attacker can use this to track a user’s device and activity between app installs, potentially compromising privacy and facilitating targeted data collection. This presents a moderate to high confidentiality impact.

Affected Systems

Apple’s iOS (iPhone OS) and iPadOS platforms are affected. Versions prior to iOS 26.1 and iPadOS 26.1 are vulnerable; the fix is included in the 26.1 releases.

Risk and Exploitability

The CVSS score of 7.5 indicates a high severity. However, the EPSS score is reported as less than 1%, suggesting a low current likelihood of exploitation. The vulnerability is not listed in CISA’s KEV catalog. Based on the description, the likely attack vector involves a malicious app distributed through an alternate app store or side‑loading mechanism, which then degrades the user’s privacy by tracking through cached identifiers.

Generated by OpenCVE AI on April 27, 2026 at 23:26 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the device to iOS 26.1 or iPadOS 26.1 to apply the cache handling fix
  • Remove any recently installed apps that are not from a trusted source
  • Enable App Tracking Transparency to limit tracking by third‑party applications
  • Adjust system privacy settings and app permissions to limit shared cache data, addressing the underlying information exposure weakness (CWE‑200)

Advisories

No advisories yet.

History

Mon, 27 Apr 2026 23:45:00 +0000

Type | Values Removed | Values Added
Title | | App can track users across installs via cache vulnerability

Tue, 04 Nov 2025 19:00:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Apple iphone Os
CPEs | | cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*, cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Vendors & Products | | Apple iphone Os

Tue, 04 Nov 2025 17:15:00 +0000

Type | Values Removed | Values Added
Weaknesses | | CWE-200
Metrics | | cvssV3_1: {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 04 Nov 2025 16:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Apple; Apple ios; Apple ipados
Vendors & Products | | Apple; Apple ios; Apple ipados

Tue, 04 Nov 2025 01:45:00 +0000

Type | Values Removed | Values Added
Description | | The issue was addressed with improved handling of caches. This issue is fixed in iOS 26.1 and iPadOS 26.1. A malicious app may be able to track users between installs.
References | |

MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:11:26.593Z

Reserved: 2025-04-16T15:24:37.125Z

Link: CVE-2025-43449

Vulnrichment

Updated: 2025-11-04T16:29:49.484Z

NVD

Status: Analyzed

Published: 2025-11-04T02:15:50.640

Modified: 2025-11-04T18:47:36.087

Link: CVE-2025-43449

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-27T23:30:15Z
