← Back

Safari

safari

Vendor: Apple • 1,598 CVEs

CVEs (1,598)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2026-28871
1Apple
4Ipados
Iphone OsMacos+1 more
Mar 30, 2026
Mar 25, 2026
N/A· v4
4.3 MEDIUM· v3
N/A· v2
A logic issue was addressed with improved checks. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4. Visiting a maliciously crafted website may lead to a cross-s...Show more
A logic issue was addressed with improved checks. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4. Visiting a maliciously crafted website may lead to a cross-site scripting attack.Show less
CVE-2026-28861
1Apple
5Ipados
Iphone OsMacos+2 more
May 10, 2026
Mar 25, 2026
N/A· v4
4.3 MEDIUM· v3
N/A· v2
A logic issue was addressed with improved state management. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. A malicious website may be able to...Show more
A logic issue was addressed with improved state management. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. A malicious website may be able to access script message handlers intended for other origins.Show less
CVE-2026-28859
1Apple
7Ipados
Iphone OsMacos+4 more
Mar 25, 2026
Mar 25, 2026
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A malicious website may be able to process re...Show more
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. A malicious website may be able to process restricted web content outside the sandbox.Show less
CVE-2026-28857
1Apple
5Ipados
Iphone OsMacos+2 more
Mar 26, 2026
Mar 25, 2026
N/A· v4
6.5 MEDIUM· v3
N/A· v2
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may lead to an unexpected p...Show more
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may lead to an unexpected process crash.Show less
CVE-2026-20691
1Apple
6Ipados
Iphone OsMacos+3 more
Mar 25, 2026
Mar 25, 2026
N/A· v4
4.3 MEDIUM· v3
N/A· v2
An authorization issue was addressed with improved state management. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. A maliciously crafted webpage may be able...Show more
An authorization issue was addressed with improved state management. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. A maliciously crafted webpage may be able to fingerprint the user.Show less
CVE-2026-20665
1Apple
7Ipados
Iphone OsMacos+4 more
Mar 25, 2026
Mar 25, 2026
N/A· v4
6.5 MEDIUM· v3
N/A· v2
This issue was addressed through improved state management. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. Processing...Show more
This issue was addressed through improved state management. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. Processing maliciously crafted web content may prevent Content Security Policy from being enforced.Show less
CVE-2026-20664
1Apple
5Ipados
Iphone OsMacos+2 more
Mar 25, 2026
Mar 25, 2026
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may lead to an unexpected p...Show more
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may lead to an unexpected process crash.Show less
CVE-2023-43010
1Apple
4Ipados
Iphone OsMacos+1 more
Mar 25, 2026
Mar 12, 2026
N/A· v4
8.8 HIGH· v3
N/A· v2
The issue was addressed with improved memory handling. This issue is fixed in iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2, Safari 17.2, iOS 16.7.15 and iPadOS 16.7.15, iOS 15.8.7 and iPadOS 15.8.7. Processing maliciously...Show more
The issue was addressed with improved memory handling. This issue is fixed in iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2, Safari 17.2, iOS 16.7.15 and iPadOS 16.7.15, iOS 15.8.7 and iPadOS 15.8.7. Processing maliciously crafted web content may lead to memory corruption.Show less
CVE-2026-20676
1Apple
5Ipados
Iphone OsMacos+2 more
Apr 2, 2026
Feb 11, 2026
N/A· v4
5.3 MEDIUM· v3
N/A· v2
This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extension...Show more
This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extensions.Show less
CVE-2026-20660
1Apple
5Ipados
Iphone OsMacos+2 more
Apr 2, 2026
Feb 11, 2026
N/A· v4
7.5 HIGH· v3
N/A· v2
A path handling issue was addressed with improved logic. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 2...Show more
A path handling issue was addressed with improved logic. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Sequoia 15.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. A remote user may be able to write arbitrary files.Show less
CVE-2026-20656
1Apple
4Ipados
Iphone OsMacos+1 more
Apr 2, 2026
Feb 11, 2026
N/A· v4
3.3 LOW· v3
N/A· v2
A logic issue was addressed with improved validation. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, macOS Tahoe 26.3. An app may be able to access a user's Safari history.
CVE-2026-20652
1Apple
5Ipados
Iphone OsMacos+2 more
Apr 2, 2026
Feb 11, 2026
N/A· v4
7.5 HIGH· v3
N/A· v2
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A remote attacker may be able to cause a...Show more
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A remote attacker may be able to cause a denial-of-service.Show less
CVE-2026-20644
1Apple
5Ipados
Iphone OsMacos+2 more
Apr 2, 2026
Feb 11, 2026
N/A· v4
6.5 MEDIUM· v3
N/A· v2
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web conte...Show more
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash.Show less
CVE-2026-20636
1Apple
5Ipados
Iphone OsMacos+2 more
Apr 2, 2026
Feb 11, 2026
N/A· v4
6.5 MEDIUM· v3
N/A· v2
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected p...Show more
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash.Show less
CVE-2026-20635
1Apple
7Ipados
Iphone OsMacos+4 more
Apr 2, 2026
Feb 11, 2026
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. Processing mali...Show more
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, tvOS 26.3, visionOS 26.3, watchOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash.Show less
CVE-2026-20608
1Apple
5Ipados
Iphone OsMacos+2 more
Apr 2, 2026
Feb 11, 2026
N/A· v4
5.5 MEDIUM· v3
N/A· v2
This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web...Show more
This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash.Show less
CVE-2025-46299
1Apple
7Ipados
Iphone OsMacos+4 more
Apr 2, 2026
Jan 9, 2026
N/A· v4
4.3 MEDIUM· v3
N/A· v2
A memory initialization issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously cr...Show more
A memory initialization issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may disclose internal states of the app.Show less
CVE-2025-46298
1Apple
7Ipados
Iphone OsMacos+4 more
Apr 2, 2026
Jan 9, 2026
N/A· v4
6.5 MEDIUM· v3
N/A· v2
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content ma...Show more
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash.Show less
CVE-2025-46282
1Apple
2Macos
Safari
Apr 2, 2026
Dec 17, 2025
N/A· v4
5.5 MEDIUM· v3
N/A· v2
The issue was addressed with additional permissions checks. This issue is fixed in Safari 26.2, macOS Tahoe 26.2. An app may be able to access sensitive user data.
CVE-2025-43541
1Apple
5Ipados
Iphone OsMacos+2 more
Dec 18, 2025
Dec 17, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously craft...Show more
A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.Show less