CVE-2025-43430

CVSS v2.0

5.0

Medium

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Safari versions prior to 26.1 visionOS versions prior to 26.1 watchOS versions prior to 26.1 iOS versions prior to 26.1 iPadOS versions prior to 26.1 tvOS versions prior to 26.1

Description Processing maliciously crafted web content may lead to an unexpected process crash due to improper state management.

Recommendations Update to Safari version 26.1 or later. Update to visionOS version 26.1 or later. Update to watchOS version 26.1 or later. Update to iOS version 26.1 or later. Update to iPadOS version 26.1 or later. Update to tvOS version 26.1 or later.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-703CWE-20

Related Identifiers

ALSA-2025:22789

ALSA-2025:22790

BDU:2026-03299

CVE-2025-43430

DLA-4394-1

DSA-6070-1

MGASA-2025-0319

OPENSUSE-SU-2026:20065-1

SUSE-SU-2025:4416-1

SUSE-SU-2025:4423-1

SUSE-SU-2026:0021-1

SUSE-SU-2026:20102-1

USN-7914-1

Affected Products

Almalinux

Centos

Debian

Linuxmint

Apple Macos

Red Hat

Rocky Linux

Safari

Ubuntu

Ios

Ipados

Tvos

Visionos

Watchos

CVE-2025-43430

Weakness Enumeration

Related Identifiers

Affected Products

References · 148