{"id":1253,"date":"2026-02-11T20:04:40","date_gmt":"2026-02-11T20:04:40","guid":{"rendered":"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/11\/apple-patches-everything-february-2026-wed-feb-11th\/"},"modified":"2026-02-11T20:04:40","modified_gmt":"2026-02-11T20:04:40","slug":"apple-patches-everything-february-2026-wed-feb-11th","status":"publish","type":"post","link":"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/11\/apple-patches-everything-february-2026-wed-feb-11th\/","title":{"rendered":"Apple Patches Everything: February 2026, (Wed, Feb 11th)"},"content":{"rendered":"
\n

Today, Apple released updates for all of its operating systems (iOS, iPadOS, macOS, tvOS, watchOS, and visionOS). The update fixes 71 distinct vulnerabilities, many of which affect multiple operating systems. Older versions of iOS, iPadOS, and macOS are also updated.<\/p>\n

OF special note is\u00a0CVE-2026-20700. This vulnerability has already been exploited in targeted attacks. It allows attackers who can write to memory to execute code. Two vulnerabilities patched in December are related to the same attack (CVE-2025-14174 and CVE-2025-43529).<\/p>\n

Interesting are additional Siri\/Voice Over vulnerabilities that allow access to some information on locked devices. This is a recurring issue, and you should probably turn off VoiceOver and Siri on locked devices. Another recurring and likely impossible to completely eliminate threat is applications being able to access data from other applications. To reduce the probability of exploitation, limit the Apps you install on your devices.<\/p>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
iOS 26.3 and iPadOS 26.3<\/th>\niOS 18.7.5 and iPadOS 18.7.5<\/th>\nmacOS Tahoe 26.3<\/th>\nmacOS Sequoia 15.7.4<\/th>\nmacOS Sonoma 14.8.4<\/th>\ntvOS 26.3<\/th>\nwatchOS 26.3<\/th>\nvisionOS 26.3<\/th>\n<\/tr>\n<\/thead>\n
CVE-2025-43338:<\/b> Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
\n\t\t\tAffects ImageIO<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2025-43402:<\/b> An app may be able to cause unexpected system termination or corrupt process memory.
\n\t\t\tAffects WindowServer<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2025-43403:<\/b> An app may be able to access sensitive user data.
\n\t\t\tAffects Compression<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2025-43417:<\/b> An app may be able to access user-sensitive data.
\n\t\t\tAffects File Bookmark<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2025-43537:<\/b> Restoring a maliciously crafted backup file may lead to modification of protected system files.
\n\t\t\tAffects Books<\/td>\n<\/tr>\n
\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2025-46283:<\/b> An app may be able to access sensitive user data.
\n\t\t\tAffects CoreServices<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2025-46290:<\/b> A remote attacker may be able to cause a denial-of-service.
\n\t\t\tAffects Security<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2025-46305:<\/b> A malicious HID device may cause an unexpected process crash.
\n\t\t\tAffects Multi-Touch<\/td>\n<\/tr>\n
\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2025-46310:<\/b> An attacker with root privileges may be able to delete protected system files.
\n\t\t\tAffects PackageKit<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20601:<\/b> An app may be able to monitor keystrokes without user permission.
\n\t\t\tAffects Foundation<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20602:<\/b> An app may be able to cause a denial-of-service.
\n\t\t\tAffects WindowServer<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20603:<\/b> An app with root privileges may be able to access private information.
\n\t\t\tAffects Notification Center<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20605:<\/b> An app may be able to crash a system process.
\n\t\t\tAffects Voice Control<\/td>\n<\/tr>\n
\u00a0<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20606:<\/b> An app may be able to bypass certain Privacy preferences.
\n\t\t\tAffects UIKit<\/td>\n<\/tr>\n
x<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20608:<\/b> Processing maliciously crafted web content may lead to an unexpected process crash.
\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n
x<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n<\/tr>\n
CVE-2026-20609:<\/b> Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents.
\n\t\t\tAffects CoreMedia<\/td>\n<\/tr>\n
x<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\n<\/tr>\n
CVE-2026-20610:<\/b> An app may be able to gain root privileges.
\n\t\t\tAffects Setup Assistant<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20611:<\/b> Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
\n\t\t\tAffects CoreAudio<\/td>\n<\/tr>\n
x<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\n<\/tr>\n
CVE-2026-20612:<\/b> An app may be able to access sensitive user data.
\n\t\t\tAffects Spotlight<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20614:<\/b> An app may be able to gain root privileges.
\n\t\t\tAffects Remote Management<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20615:<\/b> An app may be able to gain root privileges.
\n\t\t\tAffects CoreServices<\/td>\n<\/tr>\n
x<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n<\/tr>\n
CVE-2026-20616:<\/b> Processing a maliciously crafted USD file may lead to unexpected app termination.
\n\t\t\tAffects Model I\/O<\/td>\n<\/tr>\n
\u00a0<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n<\/tr>\n
CVE-2026-20617:<\/b> An app may be able to gain root privileges.
\n\t\t\tAffects CoreServices<\/td>\n<\/tr>\n
x<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\n<\/tr>\n
CVE-2026-20618:<\/b> An app may be able to access user-sensitive data.
\n\t\t\tAffects System Settings<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20619:<\/b> An app may be able to access sensitive user data.
\n\t\t\tAffects System Settings<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20620:<\/b> An attacker may be able to cause unexpected system termination or read kernel memory.
\n\t\t\tAffects GPU Drivers<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20621:<\/b> An app may be able to cause unexpected system termination or corrupt kernel memory.
\n\t\t\tAffects Wi-Fi<\/td>\n<\/tr>\n
x<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n<\/tr>\n
CVE-2026-20623:<\/b> An app may be able to access protected user data.
\n\t\t\tAffects Foundation<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20624:<\/b> An app may be able to access sensitive user data.
\n\t\t\tAffects AppleMobileFileIntegrity<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20625:<\/b> An app may be able to access sensitive user data.
\n\t\t\tAffects AppleMobileFileIntegrity<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n<\/tr>\n
CVE-2026-20626:<\/b> A malicious app may be able to gain root privileges.
\n\t\t\tAffects Kernel<\/td>\n<\/tr>\n
x<\/td>\n\u00a0<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n<\/tr>\n
CVE-2026-20627:<\/b> An app may be able to access sensitive user data.
\n\t\t\tAffects CoreServices<\/td>\n<\/tr>\n
x<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\nx<\/td>\nx<\/td>\n<\/tr>\n
CVE-2026-20628:<\/b> An app may be able to break out of its sandbox.
\n\t\t\tAffects Sandbox<\/td>\n<\/tr>\n
x<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\n<\/tr>\n
CVE-2026-20629:<\/b> An app may be able to access user-sensitive data.
\n\t\t\tAffects Foundation<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20630:<\/b> An app may be able to access protected user data.
\n\t\t\tAffects LaunchServices<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20634:<\/b> Processing a maliciously crafted image may result in disclosure of process memory.
\n\t\t\tAffects ImageIO<\/td>\n<\/tr>\n
x<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\n<\/tr>\n
CVE-2026-20635:<\/b> Processing maliciously crafted web content may lead to an unexpected process crash.
\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n
x<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\n<\/tr>\n
CVE-2026-20638:<\/b> A user with Live Caller ID app extensions turned off could have identifying information leaked to the extensions.
\n\t\t\tAffects Call History<\/td>\n<\/tr>\n
x<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20640:<\/b> An attacker with physical access to iPhone may be able to take and view screenshots of sensitive data from the iPhone during iPhone Mirroring with Mac.
\n\t\t\tAffects UIKit<\/td>\n<\/tr>\n
x<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20641:<\/b> An app may be able to identify what other apps a user has installed.
\n\t\t\tAffects StoreKit<\/td>\n<\/tr>\n
x<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\n<\/tr>\n
CVE-2026-20642:<\/b> A person with physical access to an iOS device may be able to access photos from the lock screen.
\n\t\t\tAffects Photos<\/td>\n<\/tr>\n
x<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20645:<\/b> An attacker with physical access to a locked device may be able to view sensitive user information.
\n\t\t\tAffects Accessibility<\/td>\n<\/tr>\n
x<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20646:<\/b> A malicious app may be able to read sensitive location information.
\n\t\t\tAffects Weather<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20647:<\/b> An app may be able to access sensitive user data.
\n\t\t\tAffects Siri<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20648:<\/b> A malicious app may be able to access notifications from other iCloud devices.
\n\t\t\tAffects Siri<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20649:<\/b> A user may be able to view sensitive user information.
\n\t\t\tAffects Game Center<\/td>\n<\/tr>\n
x<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20650:<\/b> An attacker in a privileged network position may be able to perform denial-of-service attack using crafted Bluetooth packets.
\n\t\t\tAffects Bluetooth<\/td>\n<\/tr>\n
x<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\n<\/tr>\n
CVE-2026-20652:<\/b> A remote attacker may be able to cause a denial-of-service.
\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n
x<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n<\/tr>\n
CVE-2026-20653:<\/b> An app may be able to access sensitive user data.
\n\t\t\tAffects Shortcuts<\/td>\n<\/tr>\n
x<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n<\/tr>\n
CVE-2026-20654:<\/b> An app may be able to cause unexpected system termination.
\n\t\t\tAffects Kernel<\/td>\n<\/tr>\n
x<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\n<\/tr>\n
CVE-2026-20655:<\/b> An attacker with physical access to a locked device may be able to view sensitive user information.
\n\t\t\tAffects Live Captions<\/td>\n<\/tr>\n
x<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20656:<\/b> An app may be able to access a user’s Safari history.
\n\t\t\tAffects Safari<\/td>\n<\/tr>\n
\u00a0<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20658:<\/b> An app may be able to gain root privileges.
\n\t\t\tAffects Security<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20660:<\/b> A remote user may be able to write arbitrary files.
\n\t\t\tAffects CFNetwork<\/td>\n<\/tr>\n
x<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n<\/tr>\n
CVE-2026-20661:<\/b> An attacker with physical access to a locked device may be able to view sensitive user information.
\n\t\t\tAffects VoiceOver<\/td>\n<\/tr>\n
x<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20662:<\/b> An attacker with physical access to a locked device may be able to view sensitive user information.
\n\t\t\tAffects Siri<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20663:<\/b> An app may be able to enumerate a user’s installed apps.
\n\t\t\tAffects LaunchServices<\/td>\n<\/tr>\n
x<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20666:<\/b> An app may be able to access sensitive user data.
\n\t\t\tAffects NSOpenPanel<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20667:<\/b> An app may be able to break out of its sandbox.
\n\t\t\tAffects libxpc<\/td>\n<\/tr>\n
x<\/td>\n\u00a0<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20669:<\/b> An app may be able to access sensitive user data.
\n\t\t\tAffects Admin Framework<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20671:<\/b> An attacker in a privileged network position may be able to intercept network traffic.
\n\t\t\tAffects Kernel<\/td>\n<\/tr>\n
x<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\n<\/tr>\n
CVE-2026-20673:<\/b> Turning off “Load remote content in messages? may not apply to all mail previews.
\n\t\t\tAffects Mail<\/td>\n<\/tr>\n
\u00a0<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20674:<\/b> An attacker with physical access to a locked device may be able to view sensitive user information.
\n\t\t\tAffects Accessibility<\/td>\n<\/tr>\n
x<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20675:<\/b> Processing a maliciously crafted image may lead to disclosure of user information.
\n\t\t\tAffects ImageIO<\/td>\n<\/tr>\n
x<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\n<\/tr>\n
CVE-2026-20676:<\/b> A website may be able to track users through Safari web extensions.
\n\t\t\tAffects WebKit<\/td>\n<\/tr>\n
x<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n<\/tr>\n
CVE-2026-20677:<\/b> A shortcut may be able to bypass sandbox restrictions.
\n\t\t\tAffects Messages<\/td>\n<\/tr>\n
x<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n<\/tr>\n
CVE-2026-20678:<\/b> An app may be able to access sensitive user data.
\n\t\t\tAffects Sandbox Profiles<\/td>\n<\/tr>\n
x<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20680:<\/b> A sandboxed app may be able to access sensitive user data.
\n\t\t\tAffects Spotlight<\/td>\n<\/tr>\n
x<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20681:<\/b> An app may be able to access information about a user’s contacts.
\n\t\t\tAffects Contacts<\/td>\n<\/tr>\n
\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20682:<\/b> An attacker may be able to discover a user’s deleted notes.
\n\t\t\tAffects Screenshots<\/td>\n<\/tr>\n
x<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\n<\/tr>\n
CVE-2026-20700:<\/b> An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 and CVE-2025-43529 were also issued in response to this report<\/strong>..
\n\t\t\tAffects dyld<\/td>\n<\/tr>\n
x<\/td>\n\u00a0<\/td>\nx<\/td>\n\u00a0<\/td>\n\u00a0<\/td>\nx<\/td>\nx<\/td>\nx<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n


\nJohannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu<\/a>
\nTwitter<\/a>|<\/p>\n

(c) SANS Internet Storm Center. https:\/\/isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"

Today, Apple released updates for all of its operating systems (iOS, iPadOS, macOS, tvOS, watchOS, and visionOS). The update fixes 71 distinct vulnerabilities, many of which affect multiple operating systems. Older versions of iOS, iPadOS, and macOS are also updated. OF special note is\u00a0CVE-2026-20700. This vulnerability has already been exploited in targeted attacks. It allows […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"site-container-style":"default","site-container-layout":"default","site-sidebar-layout":"default","disable-article-header":"default","disable-site-header":"default","disable-site-footer":"default","disable-content-area-spacing":"default","footnotes":""},"categories":[90],"tags":[91],"class_list":["post-1253","post","type-post","status-publish","format-standard","hentry","category-cybersecurity","tag-cybersecurity"],"yoast_head":"\nApple Patches Everything: February 2026, (Wed, Feb 11th) - Imperative Business Ventures Limited<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/11\/apple-patches-everything-february-2026-wed-feb-11th\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Apple Patches Everything: February 2026, (Wed, Feb 11th) - Imperative Business Ventures Limited\" \/>\n<meta property=\"og:description\" content=\"Today, Apple released updates for all of its operating systems (iOS, iPadOS, macOS, tvOS, watchOS, and visionOS). The update fixes 71 distinct vulnerabilities, many of which affect multiple operating systems. Older versions of iOS, iPadOS, and macOS are also updated. OF special note is\u00a0CVE-2026-20700. This vulnerability has already been exploited in targeted attacks. It allows […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/11\/apple-patches-everything-february-2026-wed-feb-11th\/\" \/>\n<meta property=\"og:site_name\" content=\"Imperative Business Ventures Limited\" \/>\n<meta property=\"article:published_time\" content=\"2026-02-11T20:04:40+00:00\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/11\/apple-patches-everything-february-2026-wed-feb-11th\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/11\/apple-patches-everything-february-2026-wed-feb-11th\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\"},\"headline\":\"Apple Patches Everything: February 2026, (Wed, Feb 11th)\",\"datePublished\":\"2026-02-11T20:04:40+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/11\/apple-patches-everything-february-2026-wed-feb-11th\/\"},\"wordCount\":1624,\"keywords\":[\"Cybersecurity\"],\"articleSection\":[\"Cybersecurity\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/11\/apple-patches-everything-february-2026-wed-feb-11th\/\",\"url\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/11\/apple-patches-everything-february-2026-wed-feb-11th\/\",\"name\":\"Apple Patches Everything: February 2026, (Wed, Feb 11th) - Imperative Business Ventures Limited\",\"isPartOf\":{\"@id\":\"https:\/\/blog.ibvl.in\/#website\"},\"datePublished\":\"2026-02-11T20:04:40+00:00\",\"author\":{\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\"},\"breadcrumb\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/11\/apple-patches-everything-february-2026-wed-feb-11th\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/11\/apple-patches-everything-february-2026-wed-feb-11th\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/11\/apple-patches-everything-february-2026-wed-feb-11th\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.ibvl.in\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Apple Patches Everything: February 2026, (Wed, Feb 11th)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.ibvl.in\/#website\",\"url\":\"https:\/\/blog.ibvl.in\/\",\"name\":\"Imperative Business Ventures Limited\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.ibvl.in\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\/\/blog.ibvl.in\"],\"url\":\"https:\/\/blog.ibvl.in\/index.php\/author\/admin_hcbs9yw6\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Apple Patches Everything: February 2026, (Wed, Feb 11th) - Imperative Business Ventures Limited","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/11\/apple-patches-everything-february-2026-wed-feb-11th\/","og_locale":"en_US","og_type":"article","og_title":"Apple Patches Everything: February 2026, (Wed, Feb 11th) - Imperative Business Ventures Limited","og_description":"Today, Apple released updates for all of its operating systems (iOS, iPadOS, macOS, tvOS, watchOS, and visionOS). The update fixes 71 distinct vulnerabilities, many of which affect multiple operating systems. Older versions of iOS, iPadOS, and macOS are also updated. OF special note is\u00a0CVE-2026-20700. This vulnerability has already been exploited in targeted attacks. It allows […]","og_url":"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/11\/apple-patches-everything-february-2026-wed-feb-11th\/","og_site_name":"Imperative Business Ventures Limited","article_published_time":"2026-02-11T20:04:40+00:00","author":"admin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/11\/apple-patches-everything-february-2026-wed-feb-11th\/#article","isPartOf":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/11\/apple-patches-everything-february-2026-wed-feb-11th\/"},"author":{"name":"admin","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02"},"headline":"Apple Patches Everything: February 2026, (Wed, Feb 11th)","datePublished":"2026-02-11T20:04:40+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/11\/apple-patches-everything-february-2026-wed-feb-11th\/"},"wordCount":1624,"keywords":["Cybersecurity"],"articleSection":["Cybersecurity"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/11\/apple-patches-everything-february-2026-wed-feb-11th\/","url":"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/11\/apple-patches-everything-february-2026-wed-feb-11th\/","name":"Apple Patches Everything: February 2026, (Wed, Feb 11th) - Imperative Business Ventures Limited","isPartOf":{"@id":"https:\/\/blog.ibvl.in\/#website"},"datePublished":"2026-02-11T20:04:40+00:00","author":{"@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02"},"breadcrumb":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/11\/apple-patches-everything-february-2026-wed-feb-11th\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.ibvl.in\/index.php\/2026\/02\/11\/apple-patches-everything-february-2026-wed-feb-11th\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/02\/11\/apple-patches-everything-february-2026-wed-feb-11th\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.ibvl.in\/"},{"@type":"ListItem","position":2,"name":"Apple Patches Everything: February 2026, (Wed, Feb 11th)"}]},{"@type":"WebSite","@id":"https:\/\/blog.ibvl.in\/#website","url":"https:\/\/blog.ibvl.in\/","name":"Imperative Business Ventures Limited","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.ibvl.in\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/blog.ibvl.in"],"url":"https:\/\/blog.ibvl.in\/index.php\/author\/admin_hcbs9yw6\/"}]}},"_links":{"self":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts\/1253","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/comments?post=1253"}],"version-history":[{"count":0,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts\/1253\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/media?parent=1253"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/categories?post=1253"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/tags?post=1253"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}