Use-After-Free Vulnerability in Apple Safari and iOS Products
CVE-2026-43715

8.8HIGH

Key Information:

Vendor: Apple
Status: Safari; iOS And iPad OS; Mac OS
Vendor: CVE Published:; 29 June 2026

What is CVE-2026-43715?

A use-after-free vulnerability was identified in Apple’s Safari browser and iOS platforms, which could allow attackers to craft malicious web content that may result in memory corruption. This vulnerability has been addressed with enhanced memory management protocols in versions 26.5.2 of Safari, iOS, iPadOS, and macOS Tahoe. Users are encouraged to update their software to the latest versions to mitigate potential risks associated with this vulnerability.

Affected Version(s)

iOS and iPadOS 0 < 26.5.2

macOS 0 < 26.5.2

Safari 0 < 26.5.2

References

https://support.apple.com/en-us/127594

https://support.apple.com/en-us/127595

https://support.apple.com/en-us/127685

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 29, 2026
Vulnerability Reserved
May 1, 2026

CVE-2026-43715 Data

JSON