vulnerability

OS X update for WebKit (CVE-2025-43432)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:N/A:P)	Nov 28, 2025	Nov 28, 2025	Mar 18, 2026

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:N/A:P)

Published

Nov 28, 2025

Added

Nov 28, 2025

Modified

Mar 18, 2026

Description

A use-after-free issue was addressed with improved memory management. This issue is fixed in tvOS 26.1, watchOS 26.1, macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, Safari 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash.

Solution

apple-osx-upgrade-26_1

References

CVE-2025-43432
https://attackerkb.com/topics/CVE-2025-43432
CWE-416
URL-https://support.apple.com/en-us/125634

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today