CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
A vulnerability in Apple systems allows an app to cause unexpected system termination or write to kernel memory. The issue was addressed with improved input sanitization.
A vulnerability in Apple iOS, iPadOS, and macOS Tahoe allows an app to leak sensitive kernel state. The issue was fixed by improving input sanitization.
A vulnerability in Safari allows a malicious website to silently hijack clipboard data. The issue was addressed through improved state management. It is fixed in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2.
A use-after-free vulnerability was addressed with improved memory management in Safari. This issue is fixed in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.
A stack overflow vulnerability was discovered in Safari, iOS, iPadOS, and macOS Tahoe, addressed with improved input validation. Processing maliciously crafted web content may lead to an unexpected Safari crash.
A use-after-free vulnerability was fixed in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.
A vulnerability in Safari may cause a browser crash when processing maliciously crafted web content. The issue was addressed with improved memory handling. Fixes are included in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2.
A use-after-free vulnerability was addressed with improved memory management in Safari, iOS, iPadOS, and macOS Tahoe. Processing maliciously crafted web content may lead to memory corruption.
A permissions issue in Safari, iOS, iPadOS, and macOS Tahoe was addressed with additional restrictions. Visiting a malicious website may leak sensitive user data.
A vulnerability in Safari and Apple systems may cause a process crash when processing maliciously crafted web content. The issue was fixed by improved memory handling.
A use-after-free vulnerability was addressed with improved memory management in Safari, iOS, iPadOS, and macOS Tahoe. Processing maliciously crafted web content may lead to an unexpected process crash.
A vulnerability in Safari allows a malicious website to exfiltrate data cross-origin. The issue was addressed by improving input validation.
A memory corruption issue in Safari was addressed with improved memory handling. This vulnerability is fixed in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.
A double free vulnerability in WebKit may cause an unexpected process crash when processing maliciously crafted web content. The issue is fixed in iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2.
A type confusion vulnerability was discovered in Safari, iOS, iPadOS, and macOS Tahoe. The issue was fixed with improved type checking. Processing maliciously crafted web content may lead to memory corruption.
A use-after-free vulnerability was addressed with improved memory management in Safari, iOS, iPadOS, and macOS Tahoe. A malicious web extension may exploit this issue to cause an unexpected process crash.
A vulnerability in WebKit allows an unexpected process crash when processing maliciously crafted web content. The issue was fixed with improved memory handling in Apple systems.
A vulnerability in Safari and Apple systems allows a malicious website to process restricted web content outside the sandbox. The issue is fixed in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2 with improved checks.
A cross-origin issue was addressed with improved tracking of security origins in Safari, iOS, iPadOS, and macOS Tahoe. Processing maliciously crafted web content may disclose sensitive user information. The fix is included in versions 26.5.2.
A use-after-free vulnerability in Safari, iOS, iPadOS, and macOS Tahoe could lead to an unexpected process crash when processing maliciously crafted web content. The issue was addressed with improved memory management.

