CVE-2026-20692
Received Received - Intake
Privacy Bypass in Apple Mail Preferences Affecting IP and Content Blocking

Publication date: 2026-03-25

Last updated on: 2026-03-27

Assigner: Apple Inc.

Description
A privacy issue was addressed with improved handling of user preferences. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. "Hide IP Address" and "Block All Remote Content" may not apply to all mail content.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-25
Last Modified
2026-03-27
Generated
2026-06-16
AI Q&A
2026-03-25
EPSS Evaluated
2026-06-15
NVD
CVE-2026-20692
EUVD
EUVD-2026-15064
Affected Vendors & Products
Showing 5 associated CPEs
Vendor Product Version / Range
apple ipados to 26.4 (exc)
apple iphone_os to 26.4 (exc)
apple macos From 14.0 (inc) to 14.8.5 (exc)
apple macos From 15.0 (inc) to 15.7.5 (exc)
apple macos From 26.0 (inc) to 26.4 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a privacy issue related to the handling of user preferences in Apple operating systems. Specifically, the settings "Hide IP Address" and "Block All Remote Content" may not apply to all mail content, potentially exposing user information that these settings are intended to protect.

Impact Analysis

The impact of this vulnerability is that user privacy could be compromised because the intended protections to hide the IP address and block remote content in mail may not be fully effective. This could lead to exposure of user information or tracking through mail content that bypasses these settings.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

To mitigate this vulnerability, update affected Apple operating systems to the fixed versions: iOS 26.4, iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, or macOS Tahoe 26.4.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-20692. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart