Medium severity6.5NVD Advisory· Published Sep 15, 2025· Updated Apr 2, 2026
CVE-2025-43356
CVE-2025-43356
Description
The issue was addressed with improved handling of caches. This issue is fixed in Safari 26, iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. A website may be able to access sensor information without user consent.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
60cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*range: <26.0
- (no CPE)range: <26
- Range: <18.7
- Range: <26
- osv-coords50 versionspkg:rpm/almalinux/webkit2gtk3pkg:rpm/almalinux/webkit2gtk3-develpkg:rpm/almalinux/webkit2gtk3-jscpkg:rpm/almalinux/webkit2gtk3-jsc-develpkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/webkit2gtk3-soup2&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/webkit2gtk3-soup2&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/webkit2gtk4&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/webkit2gtk4&distro=openSUSE%20Leap%2016.0pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP6pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP7pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Manager%20Proxy%20LTS%204.3pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Manager%20Server%20LTS%204.3pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP6pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0
< 2.50.0-1.el8_10+ 49 more
- (no CPE)range: < 2.50.0-1.el8_10
- (no CPE)range: < 2.50.0-1.el8_10
- (no CPE)range: < 2.50.0-1.el8_10
- (no CPE)range: < 2.50.0-1.el8_10
- (no CPE)range: < 2.50.1-150600.12.48.3
- (no CPE)range: < 2.50.4-160000.1.1
- (no CPE)range: < 2.50.1-150600.12.48.3
- (no CPE)range: < 2.50.4-160000.1.1
- (no CPE)range: < 2.50.1-150600.12.48.3
- (no CPE)range: < 2.50.4-160000.1.1
- (no CPE)range: < 2.50.1-150400.4.127.3
- (no CPE)range: < 2.50.1-150400.4.127.3
- (no CPE)range: < 2.50.1-150400.4.127.3
- (no CPE)range: < 2.50.1-150400.4.127.3
- (no CPE)range: < 2.50.1-150600.12.48.3
- (no CPE)range: < 2.50.1-150600.12.48.3
- (no CPE)range: < 2.50.1-4.44.1
- (no CPE)range: < 2.50.1-150400.4.127.3
- (no CPE)range: < 2.50.1-150400.4.127.3
- (no CPE)range: < 2.50.4-160000.1.1
- (no CPE)range: < 2.50.1-150400.4.127.3
- (no CPE)range: < 2.50.1-150400.4.127.3
- (no CPE)range: < 2.50.4-160000.1.1
- (no CPE)range: < 2.50.1-4.44.1
- (no CPE)range: < 2.50.1-150400.4.127.3
- (no CPE)range: < 2.50.1-150400.4.127.3
- (no CPE)range: < 2.50.1-150400.4.127.3
- (no CPE)range: < 2.50.1-150400.4.127.3
- (no CPE)range: < 2.50.1-150600.12.48.3
- (no CPE)range: < 2.50.1-150600.12.48.3
- (no CPE)range: < 2.50.1-150400.4.127.3
- (no CPE)range: < 2.50.1-150400.4.127.3
- (no CPE)range: < 2.50.1-150400.4.127.3
- (no CPE)range: < 2.50.1-150400.4.127.3
- (no CPE)range: < 2.50.1-150400.4.127.3
- (no CPE)range: < 2.50.1-150400.4.127.3
- (no CPE)range: < 2.50.1-150400.4.127.3
- (no CPE)range: < 2.50.1-150400.4.127.3
- (no CPE)range: < 2.50.1-150400.4.127.3
- (no CPE)range: < 2.50.1-150400.4.127.3
- (no CPE)range: < 2.50.1-150600.12.48.3
- (no CPE)range: < 2.50.1-150600.12.48.3
- (no CPE)range: < 2.50.1-150600.12.48.3
- (no CPE)range: < 2.50.1-150600.12.48.3
- (no CPE)range: < 2.50.1-150400.4.127.3
- (no CPE)range: < 2.50.1-150400.4.127.3
- (no CPE)range: < 2.50.4-160000.1.1
- (no CPE)range: < 2.50.1-150400.4.127.3
- (no CPE)range: < 2.50.1-150400.4.127.3
- (no CPE)range: < 2.50.4-160000.1.1
Patches
Vulnerability mechanics
References
13- support.apple.com/en-us/125108nvdRelease NotesVendor Advisory
- support.apple.com/en-us/125109nvdRelease NotesVendor Advisory
- support.apple.com/en-us/125113nvdRelease NotesVendor Advisory
- support.apple.com/en-us/125114nvdRelease NotesVendor Advisory
- support.apple.com/en-us/125115nvdRelease NotesVendor Advisory
- support.apple.com/en-us/125116nvdRelease NotesVendor Advisory
- seclists.org/fulldisclosure/2025/Sep/49nvd
- seclists.org/fulldisclosure/2025/Sep/53nvd
- seclists.org/fulldisclosure/2025/Sep/56nvd
- seclists.org/fulldisclosure/2025/Sep/57nvd
- seclists.org/fulldisclosure/2025/Sep/59nvd
- www.openwall.com/lists/oss-security/2025/09/22/3nvd
- support.apple.com/en-us/125110nvd
News mentions
0No linked articles in our index yet.