4.3
CVE-2026-43708
- EPSS 0.21%
- Veröffentlicht 29.06.2026 20:17:35
- Zuletzt bearbeitet 30.06.2026 18:27:49
- Quelle product-security@apple.com
- CVE-Watchlists
- Unerledigt
The issue was addressed with improved input validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may exfiltrate data cross-origin.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.21% | 0.106 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 4.3 | 2.8 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
https://support.apple.com/en-us/127594
https://support.apple.com/en-us/127595
https://support.apple.com/en-us/127685