This vulnerability affects the logging mechanism in iOS and iPadOS, allowing an app to access sensitive user data. Specifically, it enables an app to identify what other apps a user has installed or take a screenshot of sensitive information in embedded views.
iOS 26.1 and iPadOS 26.1 (affected versions: 2025 through 43442). Check with: xcrun --sdk iphoneos find /System/Library/PrivilegedAssistantFramework/PrivilegedAssistant.framework/PrivilegedAssistant 2>/dev/null
Note: This CVE is specific to iOS and iPadOS, not related to macOS or watchOS.
Upgrade to iOS 26.1 or later (available on Apple's support page).
- For immediate mitigations:
- Restrict network access to your device (firewall it from the public internet)
- Audit app permissions for suspicious activity