Main Vulnerability Database Vulnerabilities #VU122730

#VU122730 Improper input validation in Apple iOS and iPadOS - CVE-2026-20642

Published: February 11, 2026

Vulnerability identifier: #VU122730

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2026-20642

CWE-ID: CWE-20

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Apple iOS
iPadOS

Software vendor:
Apple Inc.

Description

The vulnerability allows an attacker with physical access to the system to gain access to sensitive information.

The vulnerability exists due to insufficient input validation in Photos. An attacker with physical access to the system can access photos from the lock screen.

Remediation

Install update from vendor's website.

External links

https://support.apple.com/en-us/126346

#VU122730 Improper input validation in Apple iOS and iPadOS - CVE-2026-20642

Description

Remediation

External links

Please verify you're human