Cross-Origin Vulnerability in Safari and Apple Products
CVE-2026-43700

Currently unrated

Key Information:

Vendor: Apple
Status: Safari; iOS And iPad OS; Mac OS
Vendor: CVE Published:; 29 June 2026

What is CVE-2026-43700?

A cross-origin vulnerability has been identified in Safari and various Apple operating systems. This security issue arises from inadequate tracking of security origins, which could allow maliciously crafted web content to expose sensitive user information. Users are advised to update to the latest versions of Safari, iOS, iPadOS, and macOS Tahoe to protect against potential data leaks and ensure a secure browsing experience.

Affected Version(s)

iOS and iPadOS 0 < 26.5.2

macOS 0 < 26.5.2

Safari 0 < 26.5.2

References

https://support.apple.com/en-us/127594

https://support.apple.com/en-us/127595

https://support.apple.com/en-us/127685

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 29, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43700 Data

JSON