{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE" } }, "lang": "nl", "notes": [ { "category": "legal_disclaimer", "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings." }, { "category": "description", "text": "Apple heeft meerdere kwetsbaarheden verholpen in iOS en iPadOS.", "title": "Feiten" }, { "category": "description", "text": "De kwetsbaarheden betreffen onder andere out-of-bounds access, use-after-free, memory handling fouten, insufficient input validation, type confusion, double free, stack overflow, race conditions, en path handling problemen. Deze fouten kunnen leiden tot onverwachte crashes van processen, corruptie van geheugen, ongeautoriseerde toegang tot gevoelige data zoals clipboard-inhoud en kernel state, en het omzeilen van sandbox-beperkingen. Kwaadwillenden kunnen deze kwetsbaarheden misbruiken door speciaal vervaardigde webcontent of applicaties aan te bieden die de genoemde fouten triggeren, wat resulteert in procesinstabiliteit, systeemterminatie of datalekken. De kwetsbaarheden zijn opgelost door verbeterde bounds checking, input validatie, geheugenbeheer, state management en beveiligingscontroles in de betrokken softwarecomponenten.", "title": "Interpretaties" }, { "category": "description", "text": "Apple heeft updates uitgebracht voor iOS 26.5.2 en iPadOS 26.5.2 om deze kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.", "title": "Oplossingen" }, { "category": "general", "text": "medium", "title": "Kans" }, { "category": "general", "text": "high", "title": "Schade" }, { "category": "general", "text": "Improper Input Validation", "title": "CWE-20" }, { "category": "general", "text": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "title": "CWE-22" }, { "category": "general", "text": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "title": "CWE-119" }, { "category": "general", "text": "Stack-based Buffer Overflow", "title": "CWE-121" }, { "category": "general", "text": "Out-of-bounds Read", "title": "CWE-125" }, { "category": "general", "text": "Exposure of Sensitive Information to an Unauthorized Actor", "title": "CWE-200" }, { "category": "general", "text": "Privilege Issues", "title": "CWE-265" }, { "category": "general", "text": "Origin Validation Error", "title": "CWE-346" }, { "category": "general", "text": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", "title": "CWE-362" }, { "category": "general", "text": "Improper Resource Shutdown or Release", "title": "CWE-404" }, { "category": "general", "text": "Double Free", "title": "CWE-415" }, { "category": "general", "text": "Use After Free", "title": "CWE-416" }, { "category": "general", "text": "Out-of-bounds Write", "title": "CWE-787" }, { "category": "general", "text": "Access of Resource Using Incompatible Type ('Type Confusion')", "title": "CWE-843" }, { "category": "general", "text": "Permissive Cross-domain Security Policy with Untrusted Domains", "title": "CWE-942" } ], "publisher": { "category": "coordinator", "contact_details": "cert@ncsc.nl", "name": "Nationaal Cyber Security Centrum", "namespace": "https://www.ncsc.nl/" }, "references": [ { "category": "external", "summary": "Reference", "url": "https://support.apple.com/en-us/127594" } ], "title": "Kwetsbaarheden verholpen in Apple iOS en iPadOS", "tracking": { "current_release_date": "2026-06-30T11:48:34.791099Z", "generator": { "date": "2025-08-04T16:30:00Z", "engine": { "name": "V.A.", "version": "1.3" } }, "id": "NCSC-2026-0215", "initial_release_date": "2026-06-30T11:48:34.791099Z", "revision_history": [ { "date": "2026-06-30T11:48:34.791099Z", "number": "1.0.0", "summary": "Initiele versie" } ], "status": "final", "version": "1.0.0" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-1" } } ], "category": "product_name", "name": "iOS" }, { "branches": [ { "category": "product_version_range", "name": "vers:unknown/*", "product": { "name": "vers:unknown/*", "product_id": "CSAFPID-2" } } ], "category": "product_name", "name": "iPadOS" } ], "category": "vendor", "name": "Apple" } ] }, "vulnerabilities": [ { "cve": "CVE-2026-28979", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" }, { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" }, { "category": "description", "text": "An out-of-bounds access vulnerability causing potential process crashes when processing malicious web content was fixed with improved bounds checking in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-28979 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-28979.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-28979" }, { "cve": "CVE-2026-39868", "notes": [ { "category": "description", "text": "An input validation flaw allowing apps to cause unexpected system termination or kernel memory corruption was fixed in iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-39868 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-39868.json" } ], "title": "CVE-2026-39868" }, { "cve": "CVE-2026-39872", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" }, { "category": "description", "text": "A memory handling vulnerability causing unexpected process crashes when processing malicious web content was fixed in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-39872 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-39872.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-39872" }, { "cve": "CVE-2026-43663", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" }, { "category": "description", "text": "A memory handling vulnerability causing unexpected process crashes when processing malicious web content was fixed in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43663 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43663.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43663" }, { "cve": "CVE-2026-43676", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" }, { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" }, { "category": "description", "text": "An out-of-bounds access vulnerability causing potential Safari crashes when processing malicious web content was resolved through improved bounds checking in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43676 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43676.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43676" }, { "cve": "CVE-2026-43699", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" }, { "category": "description", "text": "A use-after-free vulnerability in Safari and related Apple operating systems was addressed in version 26.5.2 through enhanced memory management to prevent potential process crashes from malicious web content.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43699 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43699.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43699" }, { "cve": "CVE-2026-43700", "cwe": { "id": "CWE-346", "name": "Origin Validation Error" }, "notes": [ { "category": "other", "text": "Origin Validation Error", "title": "CWE-346" }, { "category": "description", "text": "A cross-origin security vulnerability that risked disclosing sensitive user information from malicious web content was resolved by enhancing security origin tracking in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43700 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43700.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43700" }, { "cve": "CVE-2026-43701", "notes": [ { "category": "description", "text": "A vulnerability allowing malicious websites to process restricted web content outside the sandbox was fixed with improved checks in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43701 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43701.json" } ], "title": "CVE-2026-43701" }, { "cve": "CVE-2026-43703", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" }, { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" }, { "category": "description", "text": "An issue causing unexpected process crashes due to maliciously crafted web content was resolved through improved memory handling in iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43703 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43703.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43703" }, { "cve": "CVE-2026-43704", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" }, { "category": "description", "text": "A use-after-free vulnerability in Safari, iOS, iPadOS, and macOS Tahoe was fixed by improved memory management to prevent malicious web extensions from causing unexpected process crashes.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43704 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43704.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 5.3, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43704" }, { "cve": "CVE-2026-43705", "cwe": { "id": "CWE-843", "name": "Access of Resource Using Incompatible Type ('Type Confusion')" }, "notes": [ { "category": "other", "text": "Access of Resource Using Incompatible Type ('Type Confusion')", "title": "CWE-843" }, { "category": "description", "text": "A type confusion vulnerability causing potential memory corruption when processing malicious web content was fixed in Safari, iOS, iPadOS, and macOS Tahoe 26.5.2 through enhanced validation checks.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43705 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43705.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43705" }, { "cve": "CVE-2026-43706", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "other", "text": "Double Free", "title": "CWE-415" }, { "category": "description", "text": "A double free vulnerability causing unexpected process crashes when processing malicious web content was fixed in iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2 through improved memory management.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43706 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43706.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43706" }, { "cve": "CVE-2026-43707", "notes": [ { "category": "description", "text": "A memory corruption vulnerability causing unexpected process crashes when handling malicious web content was fixed in Safari, iOS, iPadOS, and macOS Tahoe 26.5.2 through improved memory management.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43707 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43707.json" } ], "title": "CVE-2026-43707" }, { "cve": "CVE-2026-43708", "notes": [ { "category": "description", "text": "A data exfiltration vulnerability caused by insufficient input validation was fixed in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2 through improved input validation.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43708 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43708.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "baseScore": 4.3, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43708" }, { "cve": "CVE-2026-43709", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" }, { "category": "description", "text": "A use-after-free vulnerability in Safari and related Apple operating systems was addressed in version 26.5.2 through enhanced memory management to prevent potential process crashes from malicious web content.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43709 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43709.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43709" }, { "cve": "CVE-2026-43712", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "other", "text": "Out-of-bounds Read", "title": "CWE-125" }, { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" }, { "category": "description", "text": "A memory handling vulnerability causing unexpected process crashes when processing malicious web content was fixed in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43712 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43712.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43712" }, { "cve": "CVE-2026-43713", "notes": [ { "category": "description", "text": "A permissions issue causing potential sensitive data leakage when visiting websites was fixed with additional restrictions in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43713 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43713.json" } ], "title": "CVE-2026-43713" }, { "cve": "CVE-2026-43715", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" }, { "category": "description", "text": "A use-after-free vulnerability causing potential memory corruption from malicious web content was fixed in Safari, iOS, iPadOS, and macOS Tahoe 26.5.2 through improved memory management.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43715 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43715.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43715" }, { "cve": "CVE-2026-43716", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" }, { "category": "description", "text": "Safari versions 26.5.2 across macOS Tahoe, iOS, and iPadOS addressed a crash issue caused by processing maliciously crafted web content through improved memory handling.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43716 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43716.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43716" }, { "cve": "CVE-2026-43717", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" }, { "category": "description", "text": "A use-after-free vulnerability causing Safari crashes when processing malicious web content was fixed in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2 through improved memory management.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43717 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43717.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43717" }, { "cve": "CVE-2026-43718", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "notes": [ { "category": "other", "text": "Stack-based Buffer Overflow", "title": "CWE-121" }, { "category": "description", "text": "A stack overflow vulnerability causing unexpected Safari crashes when processing malicious web content was fixed through improved input validation in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2.", "title": "Summary" }, { "category": "general", "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43718 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43718.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43718" }, { "cve": "CVE-2026-43720", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" }, { "category": "description", "text": "A use-after-free vulnerability causing Safari crashes when processing malicious web content was fixed in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2 through improved memory management.", "title": "Summary" }, { "category": "general", "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43720 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43720.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43720" }, { "cve": "CVE-2026-43721", "notes": [ { "category": "description", "text": "Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2 addressed a vulnerability where malicious websites could hijack clipboard data by implementing improved state management.", "title": "Summary" }, { "category": "general", "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43721 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43721.json" } ], "title": "CVE-2026-43721" }, { "cve": "CVE-2026-43722", "notes": [ { "category": "description", "text": "An issue allowing apps to potentially leak sensitive kernel state was resolved through improved input sanitization in iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2.", "title": "Summary" }, { "category": "general", "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43722 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43722.json" } ], "title": "CVE-2026-43722" }, { "cve": "CVE-2026-43724", "notes": [ { "category": "description", "text": "An input sanitization flaw allowing apps to cause unexpected system termination or write kernel memory was fixed in iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2.", "title": "Summary" }, { "category": "general", "text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43724 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43724.json" } ], "title": "CVE-2026-43724" }, { "cve": "CVE-2026-43725", "notes": [ { "category": "description", "text": "A vulnerability allowing malicious websites to process restricted web content outside the sandbox was fixed through improved input validation in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2.", "title": "Summary" }, { "category": "general", "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43725 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43725.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "baseScore": 7.1, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43725" }, { "cve": "CVE-2026-43726", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" }, { "category": "description", "text": "A use-after-free vulnerability causing potential process crashes when processing malicious web content was fixed in Safari, iOS, iPadOS, and macOS Tahoe 26.5.2 through improved memory management.", "title": "Summary" }, { "category": "general", "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43726 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43726.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43726" }, { "cve": "CVE-2026-43727", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" }, { "category": "description", "text": "A use-after-free vulnerability causing Safari crashes when processing malicious web content was fixed in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2 through improved memory management.", "title": "Summary" }, { "category": "general", "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43727 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43727.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43727" }, { "cve": "CVE-2026-43731", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" }, { "category": "description", "text": "A use-after-free vulnerability causing potential memory corruption from malicious web content was fixed in Safari, iOS, iPadOS, and macOS Tahoe 26.5.2 through improved memory management.", "title": "Summary" }, { "category": "general", "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43731 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43731.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43731" }, { "cve": "CVE-2026-43732", "cwe": { "id": "CWE-22", "name": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" }, "notes": [ { "category": "other", "text": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "title": "CWE-22" }, { "category": "description", "text": "A path handling vulnerability in Safari, iOS, iPadOS, and macOS Tahoe was fixed by improving validation to prevent disclosure of sensitive user information from malicious web content.", "title": "Summary" }, { "category": "general", "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43732 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43732.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43732" }, { "cve": "CVE-2026-43734", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" }, { "category": "description", "text": "A use-after-free vulnerability causing potential process crashes when processing malicious web content was fixed in Safari, iOS, iPadOS, and macOS Tahoe 26.5.2 through improved memory management.", "title": "Summary" }, { "category": "general", "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43734 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43734.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43734" }, { "cve": "CVE-2026-43735", "notes": [ { "category": "description", "text": "A cross-origin data exfiltration vulnerability in Safari, iOS, iPadOS, and macOS was mitigated by implementing improved security checks in versions 26.5.2.", "title": "Summary" }, { "category": "general", "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43735 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43735.json" } ], "title": "CVE-2026-43735" }, { "cve": "CVE-2026-43740", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" }, { "category": "description", "text": "An issue causing process memory disclosure through maliciously crafted web content was resolved by improving memory handling in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2.", "title": "Summary" }, { "category": "general", "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43740 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43740.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43740" }, { "cve": "CVE-2026-43742", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" }, { "category": "description", "text": "A use-after-free vulnerability in Safari and related Apple operating systems was addressed in version 26.5.2 through enhanced memory management to prevent potential process crashes from malicious web content.", "title": "Summary" }, { "category": "general", "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43742 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43742.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43742" }, { "cve": "CVE-2026-43743", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')" }, "notes": [ { "category": "other", "text": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", "title": "CWE-362" }, { "category": "description", "text": "A race condition causing potential unexpected system termination was fixed through improved state handling in iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2.", "title": "Summary" }, { "category": "general", "text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43743 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43743.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "baseScore": 4.7, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43743" }, { "cve": "CVE-2026-43745", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "other", "text": "Out-of-bounds Write", "title": "CWE-787" }, { "category": "description", "text": "An out-of-bounds write vulnerability causing unexpected Safari crashes when processing malicious web content was fixed through improved input validation in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2.", "title": "Summary" }, { "category": "general", "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43745 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43745.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43745" }, { "cve": "CVE-2026-43746", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "other", "text": "Use After Free", "title": "CWE-416" }, { "category": "description", "text": "A use-after-free vulnerability causing Safari crashes when processing malicious web content was fixed in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2 through improved memory management.", "title": "Summary" }, { "category": "general", "text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", "title": "CVSSV4" } ], "product_status": { "known_affected": [ "CSAFPID-1", "CSAFPID-2" ] }, "references": [ { "category": "self", "summary": "CVE-2026-43746 | NCSC-NL Website", "url": "https://vulnerabilities.ncsc.nl/csaf/v2/2026/cve-2026-43746.json" } ], "scores": [ { "cvss_v3": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "products": [ "CSAFPID-1", "CSAFPID-2" ] } ], "title": "CVE-2026-43746" } ] }