Unrated severityNVD Advisory· Published Mar 25, 2026· Updated Apr 2, 2026
CVE-2026-28871
CVE-2026-28871
Description
A logic issue was addressed with improved checks. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4. Visiting a maliciously crafted website may lead to a cross-site scripting attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
27- osv-coords24 versionspkg:rpm/almalinux/webkit2gtk3pkg:rpm/almalinux/webkit2gtk3-develpkg:rpm/almalinux/webkit2gtk3-jscpkg:rpm/almalinux/webkit2gtk3-jsc-develpkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/webkit2gtk3&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/webkit2gtk3-soup2&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/webkit2gtk3-soup2&distro=openSUSE%20Leap%2016.0pkg:rpm/opensuse/webkit2gtk4&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/webkit2gtk4&distro=openSUSE%20Leap%2016.0pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP7pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSSpkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6pkg:rpm/suse/webkit2gtk3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSSpkg:rpm/suse/webkit2gtk3-soup2&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP7pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSSpkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Server%2016.0pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6pkg:rpm/suse/webkit2gtk4&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20applications%2016.0
< 2.52.3-1.el8_10+ 23 more
- (no CPE)range: < 2.52.3-1.el8_10
- (no CPE)range: < 2.52.3-1.el8_10
- (no CPE)range: < 2.52.3-1.el8_10
- (no CPE)range: < 2.52.3-1.el8_10
- (no CPE)range: < 2.52.1-150600.12.63.1
- (no CPE)range: < 2.52.1-160000.1.1
- (no CPE)range: < 2.52.1-150600.12.63.1
- (no CPE)range: < 2.52.1-160000.1.1
- (no CPE)range: < 2.52.1-150600.12.63.1
- (no CPE)range: < 2.52.1-160000.1.1
- (no CPE)range: < 2.52.1-150600.12.63.1
- (no CPE)range: < 2.52.1-150600.12.63.1
- (no CPE)range: < 2.52.1-160000.1.1
- (no CPE)range: < 2.52.1-150600.12.63.1
- (no CPE)range: < 2.52.1-160000.1.1
- (no CPE)range: < 2.52.1-150600.12.63.1
- (no CPE)range: < 2.52.1-150600.12.63.1
- (no CPE)range: < 2.52.1-150600.12.63.1
- (no CPE)range: < 2.52.1-150600.12.63.1
- (no CPE)range: < 2.52.1-150600.12.63.1
- (no CPE)range: < 2.52.1-150600.12.63.1
- (no CPE)range: < 2.52.1-160000.1.1
- (no CPE)range: < 2.52.1-150600.12.63.1
- (no CPE)range: < 2.52.1-160000.1.1
- Range: 0
- Range: 0
- Range: 0
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.