Skip to main content

iOS CVE-2025-11598

Exposure of Private Personal Information to an Unauthorized Actor (CWE-359)
2026-02-03 cvd@cert.pl
Information Disclosure iOS

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
CVE Published
Feb 03, 2026 - 12:16 nvd
N/A

DescriptionNVD

In mObywatel iOS application an unauthorized user can use the App Switcher to view the account owner's personal information in the minimized app window, even after the login session has ended (reopening the app would require the user to log in). The data exposed depends on the last application view displayed before the application was minimized

This issue was fixed in version 4.71.0

AnalysisAI

data exposed depends on the last application view displayed versions up to 4.71.0 contains a security vulnerability.

Technical ContextAI

affects data exposed depends on the last application view displayed. In mObywatel iOS application an unauthorized user can use the App Switcher to view the account owner's personal information in the minimized app window, even after the login session has ended (reopening the app would require the user to log in). The data exposed depends on the last application view displayed before the application was minimized

This issue was fixed in version 4.71.0

Affected ProductsAI

Product: data exposed depends on the last application view displayed. Versions: up to 4.71.0.

RemediationAI

Fixed in version 4.71.0.

Share

CVE-2025-11598 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy