Medium severity4.3NVD Advisory· Published Sep 15, 2025· Updated May 12, 2026

CVE-2025-43368

Description

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26, iOS 26 and iPadOS 26, macOS Tahoe 26. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Affected products

Apple Inc./Safari
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
Range: <26.0
Apple Inc./Ipados
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
Range: <26.0
Apple Inc./Iphone Os
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Range: <26.0
Apple Inc./macOS
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Range: <26.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.apple.com/en-us/125108nvdRelease NotesVendor Advisory
support.apple.com/en-us/125113nvdRelease NotesVendor Advisory
seclists.org/fulldisclosure/2025/Sep/49nvd
seclists.org/fulldisclosure/2025/Sep/53nvd
seclists.org/fulldisclosure/2025/Sep/59nvd
www.openwall.com/lists/oss-security/2025/09/22/3nvd
cert-portal.siemens.com/productcert/html/ssa-032379.htmlnvd
support.apple.com/en-us/125110nvd

News mentions

Siemens SIMATIC
CISA Alerts

cvss	0.280
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000