CVE-2026-20685 PUBLISHED

Assigner: apple
Reserved: 11.11.2025 Published: 18.05.2026 Updated: 18.05.2026

An attacker in a privileged network position may be able to leak sensitive information. A path handling issue was addressed with improved validation. This issue is fixed in PCC Release 5E290.3.

Product Status

Vendor	Apple
Product	Private Cloud Compute Server Software
Versions	affected from 0 to 5E290.3 (excl.)

References

https://security.apple.com/documentation/private-cloud-compute/releasenotes#darwin-init

Problem Types

An attacker in a privileged network position may be able to leak sensitive information.