cvedb.io
CVE-2026-28895
MEDIUM · CVSS 4.6
EPSS exploitation probability: 0%
Published 2026-03-25T01:17:12.973 · Last modified 2026-06-17T10:29:18.150

Summary

The issue was addressed with improved checks. This issue is fixed in iOS 26.4 and iPadOS 26.4. An attacker with physical access to an iOS device with Stolen Device Protection enabled may be able to access biometrics-gated Protected Apps with the passcode.

Affected products

apple — ipados

Does this affect you?

Add your gear to cvedb and we'll alert you only when apple ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.