CVE Catalog

CVE-2026-43725

HighCVSS 7.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.31%

23th percentile — higher than 23% of all known CVEs

Summary

A vulnerability in Safari and Apple systems allows a malicious website to process restricted web content outside the sandbox. The issue was fixed with improved input validation.

Risk Assessment

The organization risks data leakage or browser sandbox escape, potentially leading to unauthorized system access.

Recommendation

Immediately update Safari to version 26.5.2 and iOS/iPadOS/macOS Tahoe to version 26.5.2.

Original NVD description (English source)

The issue was addressed with improved input validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may be able to process restricted web content outside the sandbox.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS