Home

Description

The issue was addressed with improved checks. This issue is fixed in tvOS 26.1, watchOS 26.1, macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, Safari 26.1, visionOS 26.1. A malicious website may exfiltrate data cross-origin.

PUBLISHED Reserved 2025-04-16 | Published 2025-11-04 | Updated 2025-12-18 | Assigner apple

Problem types

A malicious website may exfiltrate data cross-origin

Product status

Any version before 26.1
affected

Any version before 26.1
affected

Any version before 26.1
affected

Any version before 26.1
affected

Any version before 26.1
affected

Any version before 26.1
affected

References

support.apple.com/en-us/125640

support.apple.com/en-us/125637

support.apple.com/en-us/125634

support.apple.com/en-us/125638

support.apple.com/en-us/125639

support.apple.com/en-us/125632

cve.org (CVE-2025-43480)

nvd.nist.gov (CVE-2025-43480)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.