CVE-2025-43356

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions Safari versions prior to 26 iOS versions prior to 26 iPadOS versions prior to 26 tvOS versions prior to 26 visionOS versions prior to 26 watchOS versions prior to 26 macOS versions prior to Tahoe 26

Description The issue was addressed with improved handling of caches. A website may be able to access sensor information without user consent.

Recommendations Update Safari to version 26 or later. Update iOS to version 26 or later. Update iPadOS to version 26 or later. Update tvOS to version 26 or later. Update visionOS to version 26 or later. Update watchOS to version 26 or later. Update macOS to version Tahoe 26 or later.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

ALSA-2025:17802

ALSA-2025:18097

ALSA-2025:20922

BDU:2025-15664

CESA-2025_17802

CVE-2025-43356

DLA-4375-1

DSA-6042-1

INFSA-2025_17802

INFSA-2025_18097

INFSA-2025_20922

MGASA-2025-0313

OPENSUSE-SU-2026:20065-1

RHSA-2025_17802

RHSA-2025_18097

RHSA-2025_20922

SUSE-SU-2025:3700-1

SUSE-SU-2025:3701-1

SUSE-SU-2025:3905-1

SUSE-SU-2026:20102-1

USN-7817-1

Affected Products

Almalinux

Centos

Debian

Linuxmint

Apple Macos

Red Hat

Rocky Linux

Safari

Suse

Ubuntu

Ios

Ipados

Macos Tahoe

Tvos

Visionos

Watchos

CVE-2025-43356

Weakness Enumeration

Related Identifiers

Affected Products

References · 145