CVE-2025-43531

A race condition was addressed with improved state handling. This issue is fixed in watchOS 26.2, Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, tvOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash...

CVE-2025-43531

CVE-2025-43531 is confirmed in WebKitGTK/WebKit2GTK (webkitgtk4) with a reported race-condition that may cause an unexpected process crash when processing malicious web content. The Amazon Linux 2 advisory ALAS2-2025-3114 notes this CVE among multiple WebKitGTK issues and provides a fix in webkit...

CVE-2025-46292

This issue was addressed with additional entitlement checks. This issue is fixed in iOS 26.2 and iPadOS 26.2, iOS 18.7.3 and iPadOS 18.7.3. An app may be able to access user-sensitive data...

CVE-2025-43428

A configuration issue was addressed with additional restrictions. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Photos in the Hidden Photos Album may be viewed without authentication...

CVE-2025-43428

CVE-2025-43428 affects Apple platforms (visionOS, iOS, iPadOS, macOS Tahoe) due to a configuration issue that allowed viewing photos in the Hidden Photos Album without authentication. The issue is fixed in visionOS 26.2, iOS 26.2, iPadOS 26.2, and macOS Tahoe 26.2. The Apple security notes enumer...

CVE-2025-43541

A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected Safari crash...

CVE-2025-43501

CVE-2025-43501 affects WebKitGTK/WebKitGTK4. The connected advisories document a buffer overflow in processing malicious web content that can lead to an unexpected process crash in affected GTK-based WebKit runtimes. The issue is fixed in WebKitGTK/WebKitGTK4 by version 2.50.4 (and related packag...

CVE-2025-46277

A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26.2, iOS 26.2 and iPadOS 26.2, watchOS 26.2. An app may be able to access a user’s Safari history...

CVE-2025-46277

CVE-2025-46277 affects Apple software including macOS Tahoe 26.2, iOS 26.2, iPadOS 26.2, and watchOS 26.2. Description: a logging issue was addressed with improved data redaction, and an app may be able to access a user’s Safari history. Root cause: not explicitly stated beyond the logging/data r...

Apple多款产品 安全漏洞

Apple iOS and others are products of Apple Inc. Apple iOS is an operating system developed for mobile devices. apple macOS is a specialized operating system developed for Mac computers. apple iPadOS is an operating system for iPad tablet computers. A security vulnerability exists in multiple Appl...

Apple多款产品 安全漏洞

Apple iOS and others are products of Apple Inc. Apple iOS is an operating system developed for mobile devices. apple macOS is a specialized operating system developed for Mac computers. apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in several Apple products...

Apple多款产品 安全漏洞

Apple iOS is an operating system developed for mobile devices. apple macOS is a specialized operating system developed for Mac computers. apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in several Apple products that stems from an insufficiently...

Apple多款产品 安全漏洞

Apple iOS is an operating system developed for mobile devices. apple watchOS is an operating system for smartwatches. apple macOS is a proprietary operating system developed for Mac computers. A security vulnerability exists in several Apple products that stems from insufficient privilege...

Vulnerabilities fixed in Apple iOS and iPadOS

Apple fixed vulnerabilities in iOS and iPadOS versions 18.7.3 and 26.2 The vulnerabilities include a use-after-free issue, a memory corruption, and a logging issue that allowed unauthorized access to sensitive user data. These vulnerabilities could be exploited by malicious parties via specially...

CVE-2025-46276

An information disclosure issue was addressed with improved privacy controls. This issue is fixed in watchOS 26.2, macOS Sonoma 14.8.3, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, macOS Sequoia 15.7.3, visionOS 26.2. An app may be able to access sensitive user data...

CVE-2025-43539

The issue was addressed with improved bounds checks. This issue is fixed in watchOS 26.2, macOS Sonoma 14.8.3, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, macOS Sequoia 15.7.3, visionOS 26.2, tvOS 26.2. Processing a file may lead to memory corruption...

CVE-2025-43532

A memory corruption issue was addressed with improved bounds checking. This issue is fixed in watchOS 26.2, macOS Sonoma 14.8.3, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, macOS Sequoia 15.7.3, visionOS 26.2, tvOS 26.2. Processing malicious data may lead to unexpect...

CVE-2025-43538

A logging issue was addressed with improved data redaction. This issue is fixed in watchOS 26.2, macOS Sonoma 14.8.3, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. An app may be able to access sensitive user data...

CVE-2025-43494

A mail header parsing issue was addressed with improved checks. This issue is fixed in watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Tahoe 26.1, visionOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPadOS 26.1. An attacker may be able to cause a persistent denial-of-service...

CVE-2025-43511

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash...