CVE-2025-43343

Description

The issue was addressed with improved memory handling. This issue is fixed in Safari 26, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. Processing maliciously crafted web content may lead to an unexpected process crash.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected products

Apple / iOS and iPadOS0 – 26
Apple / macOS0 – 26
Apple / Safari0 – 26
Apple / tvOS0 – 26
Apple / visionOS0 – 26
Apple / watchOS0 – 26

References

VENDOR_ADVISORYhttps://support.apple.com/en-us/125108
VENDOR_ADVISORYhttps://support.apple.com/en-us/125110
VENDOR_ADVISORYhttps://support.apple.com/en-us/125113
VENDOR_ADVISORYhttps://support.apple.com/en-us/125114
VENDOR_ADVISORYhttps://support.apple.com/en-us/125115
VENDOR_ADVISORYhttps://support.apple.com/en-us/125116