Rapid7’s 2026 Global Cybersecurity Summit is now available on-demand.Watch sessions.
Rapid7

vulnerability

Red Hat: CVE-2025-43501: webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash (Multiple Advisories)

Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
Dec 17, 2025
Added
Dec 22, 2025
Modified
Jun 18, 2026

Description

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash.

Solutions

redhat-upgrade-webkit2gtk3redhat-upgrade-webkit2gtk3-debuginforedhat-upgrade-webkit2gtk3-debugsourceredhat-upgrade-webkit2gtk3-develredhat-upgrade-webkit2gtk3-devel-debuginforedhat-upgrade-webkit2gtk3-jscredhat-upgrade-webkit2gtk3-jsc-debuginforedhat-upgrade-webkit2gtk3-jsc-develredhat-upgrade-webkit2gtk3-jsc-devel-debuginforedhat-upgrade-webkitgtk4redhat-upgrade-webkitgtk4-debuginforedhat-upgrade-webkitgtk4-develredhat-upgrade-webkitgtk4-docredhat-upgrade-webkitgtk4-jscredhat-upgrade-webkitgtk4-jsc-devel

References

    Title
    Rapid7 Labs

    2026 Global Threat Landscape Report

    The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.