CVE-2025-43421

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions iOS versions prior to 26.1 iPadOS versions prior to 26.1 Safari versions prior to 26.1 visionOS versions prior to 26.1

Description The software contains an issue addressed by disabling array allocation sinking. Processing maliciously crafted web content may lead to an unexpected process crash.

Recommendations Update to iOS version 26.1 or later. Update to iPadOS version 26.1 or later. Update to Safari version 26.1 or later. Update to visionOS version 26.1 or later.

Fix

Memory Corruption

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-125

Related Identifiers

ALSA-2025:22789

ALSA-2025:22790

BDU:2025-15411

CVE-2025-43421

DLA-4399-1

DSA-6074-1

MGASA-2025-0319

MGASA-2025-0325

OPENSUSE-SU-2026:20065-1

SUSE-SU-2025:4416-1

SUSE-SU-2025:4423-1

SUSE-SU-2026:0021-1

SUSE-SU-2026:20102-1

USN-7941-1

Affected Products

Almalinux

Centos

Debian

Linuxmint

Apple Macos

Red Hat

Rocky Linux

Safari

Ubuntu

Ios

Ipados

Visionos

CVE-2025-43421

Weakness Enumeration

Related Identifiers

Affected Products

References · 148