CVE-2025-43531

A race condition was addressed with improved state handling. This issue is fixed in watchOS 26.2, Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, tvOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2025-46292

This issue was addressed with additional entitlement checks. This issue is fixed in iOS 26.2 and iPadOS 26.2, iOS 18.7.3 and iPadOS 18.7.3. An app may be able to access user-sensitive data...

CVE-2025-46292

CVE-2025-46292 affects Apple iOS/iPadOS prior to versions 26.2 and 18.7.3, respectively. The issue arose from insufficient entitlement checks that could allow a malicious app to access user‑sensitive data. Apple fixed this in iOS 26.2 and iPadOS 26.2, and in iOS 18.7.3 and iPadOS 18.7.3. Remediat...

CVE-2025-43536

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2025-43428

CVE-2025-43428 affects Apple platforms (visionOS, iOS, iPadOS, macOS Tahoe) due to a configuration issue that allowed viewing photos in the Hidden Photos Album without authentication. The issue is fixed in visionOS 26.2, iOS 26.2, iPadOS 26.2, and macOS Tahoe 26.2. The Apple security notes enumer...

CVE-2025-43541

A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected Safari crash...

CVE-2025-43501

CVE-2025-43501 affects WebKitGTK/WebKitGTK4. The connected advisories document a buffer overflow in processing malicious web content that can lead to an unexpected process crash in affected GTK-based WebKit runtimes. The issue is fixed in WebKitGTK/WebKitGTK4 by version 2.50.4 (and related packag...

CVE-2025-46277

CVE-2025-46277 affects Apple software including macOS Tahoe 26.2, iOS 26.2, iPadOS 26.2, and watchOS 26.2. Description: a logging issue was addressed with improved data redaction, and an app may be able to access a user’s Safari history. Root cause: not explicitly stated beyond the logging/data r...

CVE-2025-46277

A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26.2, iOS 26.2 and iPadOS 26.2, watchOS 26.2. An app may be able to access a user’s Safari history...

Apple多款产品 安全漏洞

Apple iOS and others are products of Apple Inc. Apple iOS is an operating system developed for mobile devices. apple macOS is a specialized operating system developed for Mac computers. apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in several Apple products...

Apple多款产品 安全漏洞

Apple iOS is an operating system developed for mobile devices. apple macOS is a specialized operating system developed for Mac computers. apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in several Apple products that stems from an insufficiently...

Apple多款产品 安全漏洞

Apple iOS is an operating system developed for mobile devices. apple watchOS is an operating system for smartwatches. apple macOS is a proprietary operating system developed for Mac computers. A security vulnerability exists in several Apple products that stems from insufficient privilege...

PT-2025-51914

Name of the Vulnerable Software and Affected Versions iOS versions prior to 26.2 iPadOS versions prior to 26.2 iOS versions prior to 18.7.3 iPadOS versions prior to 18.7.3 Description An application may be able to access user-sensitive data due to insufficient entitlement checks. Recommendations...

Apple多款产品 安全漏洞

Apple iOS and others are products of Apple Inc. Apple iOS is an operating system developed for mobile devices. apple macOS is a specialized operating system developed for Mac computers. apple iPadOS is an operating system for iPad tablet computers. A security vulnerability exists in multiple Appl...

EUVD-2025-203829

Exposure of password hashes through an unauthenticated API response in TP-Link Tapo C210 V.1.8 app on iOS and Android, allowing attackers to brute force the password in the local network. Issue can be mitigated through mobile application updates. Device firmware remains unchanged...

CVE-2025-14023

LINE client for iOS prior to 15.19 allows UI spoofing due to inconsistencies between the navigation state and the in-app browser's user interface, which could create confusion about the trust context of displayed pages or interactive elements under specific conditions...

Vulnerabilities fixed in Apple iOS and iPadOS

Apple fixed vulnerabilities in iOS and iPadOS versions 18.7.3 and 26.2 The vulnerabilities include a use-after-free issue, a memory corruption, and a logging issue that allowed unauthorized access to sensitive user data. These vulnerabilities could be exploited by malicious parties via specially...

CVE-2025-14023

LINE client for iOS prior to 15.19 allows UI spoofing due to inconsistencies between the navigation state and the in-app browser's user interface, which could create confusion about the trust context of displayed pages or interactive elements under specific conditions...

CVE-2025-14023

LINE client for iOS prior to 15.19 allows UI spoofing due to inconsistencies between the navigation state and the in-app browser's user interface, which could create confusion about the trust context of displayed pages or interactive elements under specific conditions...

CVE-2025-14021

The in-app browser in LINE client for iOS versions prior to 14.14 is vulnerable to address bar spoofing, which could allow attackers to execute malicious JavaScript within iframes while displaying trusted URLs, enabling phishing attacks through overlaid malicious content...