CVE-2025-46277 is a vulnerability identified in Apple’s iOS and iPadOS platforms, as well as macOS Tahoe and watchOS, that allows an application to access a user’s Safari browsing history due to a logging issue with insufficient data redaction. The root cause is related to CWE-532, which involves exposure of sensitive information through logs. Specifically, the system’s logging mechanism failed to properly redact sensitive browsing data, enabling apps with limited privileges (requiring local access and some privileges but no user interaction) to read Safari history data that should have been protected. The vulnerability was addressed in the 26.2 releases of the affected operating systems by improving data redaction in logs, thereby preventing unauthorized access to browsing history. The CVSS v3.1 base score of 5.5 reflects a medium severity, with the vector indicating local attack vector (AV:L), low attack complexity (AC:L), requiring privileges (PR:L), no user interaction (UI:N), unchanged scope (S:U), high confidentiality impact (C:H), and no impact on integrity or availability (I:N/A:N). There are no known exploits in the wild at this time. This vulnerability primarily threatens user privacy by exposing sensitive browsing history, which could be leveraged for profiling, targeted phishing, or other privacy-invasive activities.

For European organizations, the primary impact is the potential compromise of user privacy and confidentiality of browsing data on Apple mobile devices. This could lead to exposure of sensitive corporate or personal browsing habits, which may be exploited for social engineering or espionage. Although the vulnerability does not affect system integrity or availability, the leakage of browsing history could undermine trust in corporate device security policies and compliance with data protection regulations such as GDPR. Organizations with mobile workforces relying on iOS and iPadOS devices are at risk, especially if devices are not promptly updated. The exposure of browsing history could also facilitate lateral attacks if combined with other vulnerabilities or insider threats. While no active exploitation is reported, the vulnerability’s presence increases the attack surface for privacy-invasive attacks.

To mitigate CVE-2025-46277, European organizations should prioritize updating all Apple devices to iOS, iPadOS, macOS Tahoe, and watchOS version 26.2 or later, where the issue is fixed. Device management policies should enforce timely patch deployment and restrict installation of apps to those from trusted sources with minimal required privileges. Organizations should audit app permissions regularly to ensure no unnecessary access is granted. Additionally, monitoring logs for unusual access patterns to Safari history or related data may help detect attempts to exploit this vulnerability. Employing Mobile Device Management (MDM) solutions to enforce security baselines and restrict local privilege escalation can further reduce risk. User awareness training about the risks of installing untrusted apps and the importance of updates will also support mitigation efforts.