In a support document Apple has published, it appears that shortly after the launch of iOS 15, they closed two security holes.
One is said to have had a particularly large potential for damage, where it could be used to leak information about the user's Apple ID as well as search history in applications.
Impact: A malicious application may be able to access some of the user’s Apple ID information, or recent in-app search terms
Description: An access issue was addressed with additional sandbox restrictions on third-party applications.
CVE-2021-30898: Steven Troughton-Smith of High Caffeine Content (@stroughtonsmith)
Entry added January 19, 2022
Sources: macrumors