Use-After-Free Vulnerability in Safari and Apple Operating Systems
CVE-2026-43704

Currently unrated

Key Information:

Vendor: Apple
Status: Safari; iOS And iPad OS; Mac OS
Vendor: CVE Published:; 29 June 2026

What is CVE-2026-43704?

A use-after-free vulnerability has been identified in Safari and various Apple operating systems, allowing a malicious web extension to potentially exploit memory management flaws, leading to unexpected process crashes. This issue has been rectified in version 26.5.2 of Safari, iOS, iPadOS, and macOS Tahoe, ensuring enhanced stability and security for users.

Affected Version(s)

iOS and iPadOS 0 < 26.5.2

macOS 0 < 26.5.2

Safari 0 < 26.5.2

References

https://support.apple.com/en-us/127594

https://support.apple.com/en-us/127595

https://support.apple.com/en-us/127685

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 29, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43704 Data

JSON