CVE-2025-46316

🔶 medium

Summary

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 26.1 and iPadOS 26.1, Pages 15.1, macOS Tahoe 26.1. Processing a maliciously crafted Pages document may result in unexpected termination or disclosure of process memory.

CVSS Score

4.3

Medium

EPSS Score

0.0

Exploit Probability

Published Date

2026-01-28

First Seen: 2026-01-29

Last Modified 2026-01-30

Source NVD 🔗

CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

CWE IDs (Weakness Types)

CWE-125

🔗 References 3

https://support.apple.com/en-us/125632

Release Notes Vendor Advisory

https://support.apple.com/en-us/125634

Release Notes Vendor Advisory

https://support.apple.com/en-us/126255

Release Notes Vendor Advisory

📦 Affected Products 4

Vendor	Product	Status	Affected Versions
apple	iphone_os	Affected	< 26.1
apple	pages	Affected	< 15.1
apple	ipados	Affected	< 26.1
apple	macos	Affected	< 26.1

🔗 Related CVEs 6

CVE ID	Severity	CVSS	Summary	Published
CVE-2025-46306	🔶 medium	5.5	The issue was addressed with improved bounds checks. This issue is fixed in macOS Tahoe 26, Keynote 15.1, iOS 26 and iPa...	2026-01-28
CVE-2024-44238	⚠️ high	7.8	The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1. An app may be able...	2026-01-16
CVE-2024-54556	ℹ️ low	2.4	This issue was addressed through improved state management. This issue is fixed in iOS 18.1 and iPadOS 18.1. A user may ...	2026-01-16
CVE-2025-24089	🔶 medium	5.3	A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.3 and iPadOS 18.3. An app ...	2026-01-16
CVE-2025-24090	ℹ️ low	3.3	A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.3 and iPadOS 18.3. An app ...	2026-01-16
CVE-2024-44210	ℹ️ low	3.3	This issue was addressed with improved permissions checking. This issue is fixed in macOS Sequoia 15.1. An app may be ab...	2026-01-16

These CVEs affect the same products