Multiple Vulnerabilities in Apple's iOS, iPadOS, Safari, and visionOS Products
CVE-2025-43421

4.3MEDIUM

Key Information:

Vendor

Apple
Status
Safari
Visionos
iOS And iPad OS
Vendor
CVE Published:
4 November 2025

What is CVE-2025-43421?

Apple has addressed multiple vulnerabilities in its iOS, iPadOS, Safari, and visionOS platforms by mitigating array allocation sinking. This vulnerability could allow processing of specially crafted web content, potentially causing an unexpected crash of the process. Users are encouraged to update to the latest versions to protect their devices from these issues. For further information, please refer to the official Apple support documentation.

Affected Version(s)

iOS and iPadOS < 26.1

Safari < 26.1

visionOS < 26.1

References

https://support.apple.com/en-us/125640
https://support.apple.com/en-us/125638
https://support.apple.com/en-us/125632

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.