Not a user yet?
Log in Register for free Suggest a product
Update

improved URL validation.

SafariSafari
Apple
Update from patrick-devicebaseUpdate from:
patrick-devicebase (expert)

About the security content of Safari 26

Safari 26

  • Released September 15, 2025

Safari

  • Available for: macOS Sonoma and macOS Sequoia
  • Impact: Visiting a malicious website may lead to address bar spoofing
  • Description: The issue was addressed by adding additional logic.
  • CVE-2025-43327: @RenwaX23

Safari

  • Available for: macOS Sonoma and macOS Sequoia
  • Impact: Processing maliciously crafted web content may lead to unexpected URL redirection
  • Description: This issue was addressed with improved URL validation.
  • CVE-2025-31254: Evan Waelde

WebKit

  • Available for: macOS Sonoma and macOS Sequoia
  • Impact: A website may be able to access sensor information without user consent
  • Description: The issue was addressed with improved handling of caches.
  • WebKit Bugzilla: 296153
  • CVE-2025-43356: Jaydev Ahire

WebKit

  • Available for: macOS Sonoma and macOS Sequoia
  • Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash
  • Description: The issue was addressed with improved memory handling.
  • WebKit Bugzilla: 294550
  • CVE-2025-43272: Big Bear

WebKit

  • Available for: macOS Sonoma and macOS Sequoia
  • Impact: Processing maliciously crafted web content may lead to an unexpected process crash
  • Description: The issue was addressed with improved memory handling.
  • WebKit Bugzilla: 296490
  • CVE-2025-43343: an anonymous researcher

WebKit

  • Available for: macOS Sonoma and macOS Sequoia
  • Impact: Processing maliciously crafted web content may lead to an unexpected process crash
  • Description: A correctness issue was addressed with improved checks.
  • WebKit Bugzilla: 296042
  • CVE-2025-43342: an anonymous researcher

WebKit Process Model
Available for: macOS Sonoma and macOS Sequoia
Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash

  • Description: A use-after-free issue was addressed with improved memory management.
  • WebKit Bugzilla: 296276
  • CVE-2025-43368: Pawel Wylecial of REDTEAM.PL working with Trend Micro Zero Day Initiative
Version: Safari 26 Link
More updatesTo the product
Receive Important Update Messages Stay tuned for upcoming Apple Safari updates

More from the Apps & Software section

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad