CVE-2026-20673

critical

Description

A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.4, iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26.3, macOS Sonoma 14.8.4. Turning off "Load remote content in messages” may not apply to all mail previews.

References

https://support.apple.com/en-us/126350

https://support.apple.com/en-us/126349

https://support.apple.com/en-us/126348

https://support.apple.com/en-us/126347

Details

Source: Mitre, NVD

Published: 2026-02-11

Updated: 2026-02-11

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Severity: Critical

Detections

Analytics