Sign In

CVE-2025-43265

📊 4.0 MEDIUM0.0%🎯 0 exploits
📅 Published Jul 30, 2025
📋 Status: Analyzed

An out-of-bounds read was addressed with improved input validation. This issue is fixed in Safari 18.6, watchOS 11.6, visionOS 2.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6. Processing maliciously crafted web content may disclose internal states of the app.

🎯 Affected Products & Systems

7 product configurations affected

Filter by type:
📱
apple / safari
Application
Vulnerable
Version: < 18.6
CPE:
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
💻
apple / ipados
Operating System
Vulnerable
Version: < 18.6
CPE:
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
💻
apple / iphone os
Operating System
Vulnerable
Version: < 18.6
CPE:
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
💻
apple / macos
Operating System
Vulnerable
Version: < 15.6
CPE:
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
💻
apple / tvos
Operating System
Vulnerable
Version: < 18.6
CPE:
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
💻
apple / visionos
Operating System
Vulnerable
Version: < 2.6
CPE:
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
💻
apple / watchos
Operating System
Vulnerable
Version: < 11.6
CPE:
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
7 productsscroll for more
Metrics
4.0 MEDIUMCVSS v3.1134c704f-9b21-4f2e-91b3-4a467353bcc0
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack Vector:
LOCAL
Complexity:
LOW
Privileges:
NONE
User Interaction:
NONE
Confidentiality:
LOW
Integrity:
NONE
Availability:
NONE
Scope:
UNCHANGED

🔍 Technical Details

Analysis Status
Analyzed
CVSS Details
4.0 (MEDIUM)v3.1
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
EPSS Details
0.0% (Minimal)2.7th percentile
Last updated: Oct 30, 2025
Exploitation probability within 30 days
Published Date
Jul 30, 2025 (3 months ago)
Last Modified
Aug 1, 2025 (3 months ago)
Security Weaknesses1
References7