CVE-2025-43368

📊 4.3 MEDIUM⚡ 0.0%🎯 0 exploits

📅 Published Sep 15, 2025

📋 Status: Analyzed

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to an unexpected Safari crash.

CVSS v3.1 • 134c704f-9b21-4f2e-91b3-4a467353bcc0

🎯 Affected Products & Systems

4 product configurations affected

Filter by type:

Type	Vendor	Product	Version Range	Status	CPE String
📱App	apple	safari	< 26.0	Vulnerable	cpe:2.3:a:apple:safari::::::::
💻OS	apple	ipados	< 26.0	Vulnerable	cpe:2.3:o:apple:ipados::::::::
💻OS	apple	iphone os	< 26.0	Vulnerable	cpe:2.3:o:apple:iphone_os::::::::
💻OS	apple	macos	< 26.0	Vulnerable	cpe:2.3:o:apple:macos::::::::

📱

apple / safari

Application

Vulnerable

Version: < 26.0

CPE:

cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*

💻

apple / ipados

Operating System

Vulnerable

Version: < 26.0

CPE:

cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*

💻

apple / iphone os

Operating System

Vulnerable

Version: < 26.0

CPE:

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

💻

apple / macos

Operating System

Vulnerable

Version: < 26.0

CPE:

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Metrics

4.3 MEDIUMCVSS v3.1134c704f-9b21-4f2e-91b3-4a467353bcc0

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Attack Vector:

NETWORK

Complexity:

LOW

Privileges:

NONE

User Interaction:

REQUIRED

Confidentiality:

NONE

Integrity:

NONE

Availability:

LOW

Scope:

UNCHANGED

🔍 Technical Details

Analysis Status

Analyzed

CVSS Details

4.3 (MEDIUM)v3.1

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

EPSS Details

0.0% (Minimal)11.3th percentile

Last updated: Oct 30, 2025

Exploitation probability within 30 days

Published Date

Sep 15, 2025 (1 month ago)

Last Modified

Sep 17, 2025 (1 month ago)

Security Weaknesses1

CWE-416

References4

NVDgeneralgeneral+1