This issue was addressed through improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, Safari 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extensions.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Apple |
|
Configuration 1 [-]
|
No data.
References
History
Thu, 12 Feb 2026 18:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Apple ipados
Apple iphone Os |
|
| Weaknesses | NVD-CWE-noinfo | |
| CPEs | cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* |
|
| Vendors & Products |
Apple ipados
Apple iphone Os |
|
| Metrics |
cvssV3_1
|
Thu, 12 Feb 2026 09:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Apple
Apple ios And Ipados Apple macos Apple safari Apple visionos |
|
| Vendors & Products |
Apple
Apple ios And Ipados Apple macos Apple safari Apple visionos |
Wed, 11 Feb 2026 23:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | This issue was addressed through improved state management. This issue is fixed in iOS 26.3 and iPadOS 26.3, Safari 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extensions. | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: apple
Published: 2026-02-11T22:58:25.537Z
Updated: 2026-02-11T22:58:25.537Z
Reserved: 2025-11-11T14:43:07.867Z
Link: CVE-2026-20676
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2026-02-11T23:16:09.990
Modified: 2026-02-12T18:32:45.547
Link: CVE-2026-20676
Redhat
No data.