CVE-2025-43529
CVSS Score
8.8
EPSS Score
0.0%
EPSS Percentile
0th
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 was also issued in response to this report.
| Vendor | apple |
| Product | safari |
| Ecosystems | |
| Industries | Technology |
| Published | Dec 17, 2025 |
| Last Updated | Apr 2, 2026 |
โ ๏ธ Actively Exploited โ Act Now
Get instant alerts for apple safari
This vulnerability is actively exploited in the wild. Set up free real-time alerts so you're first to know about threats like CVE-2025-43529.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Apple / Safari
0 < 26.2
Apple / iOS and iPadOS
0 < 18.7.3 0 < 26.2
Apple / macOS
0 < 26.2
Apple / tvOS
0 < 26.2
Apple / visionOS
0 < 26.2
Apple / watchOS
0 < 26.2
References
support.apple.com: https://support.apple.com/en-us/125884 support.apple.com: https://support.apple.com/en-us/125885 support.apple.com: https://support.apple.com/en-us/125886 support.apple.com: https://support.apple.com/en-us/125889 support.apple.com: https://support.apple.com/en-us/125890 support.apple.com: https://support.apple.com/en-us/125891 support.apple.com: https://support.apple.com/en-us/125892 cisa.gov: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-43529