CVE-2026-28965
Privacy Issue in iOS and iPadOS Allows Lock Screen Content Exposure
Publication date: 2026-05-11
Last updated on: 2026-05-11
Assigner: Apple Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| apple | ios | 26.5 |
| apple | ipad_os | 26.5 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a privacy issue in Apple iOS and iPadOS where a user may be able to view restricted content from the lock screen. The issue was addressed by implementing improved checks to prevent unauthorized access to such content.
How can this vulnerability impact me? :
The vulnerability could allow someone to view restricted or private content on your device without unlocking it, potentially exposing sensitive information.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, update your devices to iOS 26.5 or iPadOS 26.5 where the issue has been fixed.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability allows a user to view restricted content from the lock screen, which constitutes a privacy issue.
Such unauthorized access to restricted content could potentially lead to non-compliance with privacy regulations and standards like GDPR and HIPAA, which require protection of sensitive personal information.
However, specific impacts on compliance are not detailed in the provided information.