Address Bar Spoofing Vulnerability in Apple iOS and Safari Products
CVE-2025-43493

Currently unrated

Key Information:

Vendor

Apple
Status
Safari
Visionos
iOS And iPad OS
Vendor
CVE Published:
4 November 2025

What is CVE-2025-43493?

A vulnerability has been identified in Apple's iOS, iPadOS, and Safari products, which may allow an attacker to exploit address bar spoofing. By visiting a malicious website, users could be misled by deceptive URLs that appear legitimate, potentially compromising personal information. Updates in iOS 26.1, iPadOS 26.1, and Safari 26.1 have implemented improved checks to mitigate this issue, ensuring a safer browsing experience.

Affected Version(s)

iOS and iPadOS < 26.1

Safari < 26.1

visionOS < 26.1

References

https://support.apple.com/en-us/125640
https://support.apple.com/en-us/125638
https://support.apple.com/en-us/125632

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-43493 : Address Bar Spoofing Vulnerability in Apple iOS and Safari Products