CVE-2025-24188

Published: Jul 30, 2025Modified: Nov 3, 2025

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

A logic issue was addressed with improved checks. This issue is fixed in Safari 18.6, macOS Sequoia 15.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Affected (2)

Products: Apple: Macos, Safari

Apple

2 products

Macos

Safari

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Apple Macos	Before 15.6
Apple Safari	Before 18.6

Related CWEs

CWE-703

Improper Check or Handling of Exceptional Conditions

The product does not properly anticipate or handle exceptional conditions that rarely occur during normal operation of the product.

References (4)

https://support.apple.com/en-us/124149

Source: product-security@apple.com

Release NotesVendor Advisory

https://support.apple.com/en-us/124152

Source: product-security@apple.com

Release NotesVendor Advisory

http://seclists.org/fulldisclosure/2025/Aug/0

Source: af854a3a-2127-422b-91ae-364da2661108

http://seclists.org/fulldisclosure/2025/Jul/32

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.