← Back

CVE-2025-43458

nvd nist
Published: Nov 4, 2025Modified: Apr 2, 2026

JSON object

Loading...
4.3
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Exploitability: 2.8 / Impact: 1.4
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

This issue was addressed through improved state management. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash.

Affected (6)

Apple
6 products
Ipados
Iphone Os
Safari
Tvos
Visionos
Watchos
Configuration A
6 vulnerable
Vulnerable SoftwareAffected Versions
Ipados
Before 26.1
Iphone Os
Before 26.1
Safari
Before 26.1
Tvos
Before 26.1
Visionos
Before 26.1
Watchos
Before 26.1

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
CWE-703
Improper Check or Handling of Exceptional Conditions
The product does not properly anticipate or handle exceptional conditions that rarely occur during normal operation of the product.

References (7)

Source: product-security@apple.com
Source: product-security@apple.com
Source: product-security@apple.com
Source: product-security@apple.com
Source: product-security@apple.com
Source: product-security@apple.com
Source: product-security@apple.com

Timeline

No history available yet.