Description
A privacy issue was addressed by moving sensitive data to a protected location. This issue is fixed in macOS Tahoe 26.3. A malicious app may be able to access notifications from other iCloud devices.
Published: 2026-02-11
Score: 5.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Privacy Breach
Action: Immediate Patch
AI Analysis

Impact

A vulnerability in macOS could allow a malicious application to read notifications from other iCloud devices, exposing sensitive personal information. The flaw originates from an improper handling of protected data, leading to unauthorized disclosure of private notification content, which is identified as a privacy violation (CWE‑200).

Affected Systems

Apple's macOS operating system is affected, particularly versions earlier than macOS Tahoe 26.3, which contains the fix for this issue.

Risk and Exploitability

The CVSS score of 5.5 indicates a medium severity of the vulnerability, while an EPSS score of less than 1% implies a low probability of exploitation. The vulnerability is not listed in the CISA KEV catalog. Based on the description, the likely attack vector is a local installation of a malicious application that can access iCloud notification data. No remote exploitation is mentioned, so the threat requires the attacker to have physical or remote access to install the malicious app.

Generated by OpenCVE AI on April 15, 2026 at 20:47 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update macOS to version 26.3 or later to apply the vendor patch
  • Restrict installation to trusted applications by disabling or monitoring app sources
  • Grant iCloud notification access only to authorized applications and revoke permissions for unverified apps

Generated by OpenCVE AI on April 15, 2026 at 20:47 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

References
Link Providers
https://support.apple.com/en-us/126348 cve-icon cve-icon
History

Wed, 15 Apr 2026 21:15:00 +0000

Type Values Removed Values Added
Title Malicious Application Can Read iCloud Device Notifications via Sensitive Data Exposure

Fri, 13 Feb 2026 15:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Thu, 12 Feb 2026 19:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-200
Metrics cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 12 Feb 2026 09:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Vendors & Products Apple
Apple macos

Wed, 11 Feb 2026 23:15:00 +0000

Type Values Removed Values Added
Description A privacy issue was addressed by moving sensitive data to a protected location. This issue is fixed in macOS Tahoe 26.3. A malicious app may be able to access notifications from other iCloud devices.
References

Subscriptions

Apple Macos
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:25:28.055Z

Reserved: 2025-11-11T14:43:07.863Z

Link: CVE-2026-20648

cve-icon Vulnrichment

Updated: 2026-02-12T19:01:49.041Z

cve-icon NVD

Status : Analyzed

Published: 2026-02-11T23:16:07.730

Modified: 2026-02-13T14:47:19.083

Link: CVE-2026-20648

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-15T21:00:09Z

Weaknesses