CVE-2025-43531
Last modified
CVE-2025-43531 is a low-severity vulnerability rated 3.1/10 on the CVSS scale. A race condition was addressed with improved state handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. EPSS estimates a 0.44% chance of exploitation in the next 30 days.
Description
A race condition was addressed with improved state handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash.
Metrics
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Apple | Safari | < 26.2 |
| Apple | Ipados | < 18.7.3 |
| Apple | Iphone Os | < 18.7.3 |
| Apple | Iphone Os | >= 26.0, < 26.2 |
| Apple | Macos | < 26.2 |
| Apple | Tvos | < 26.2 |
| Apple | Visionos | < 26.2 |
| Apple | Watchos | < 26.2 |
References
- https://support.apple.com/en-us/125884Release Notes, Vendor Advisory
- https://support.apple.com/en-us/125885Release Notes, Vendor Advisory
- https://support.apple.com/en-us/125886Release Notes, Vendor Advisory
- https://support.apple.com/en-us/125889Release Notes, Vendor Advisory
- https://support.apple.com/en-us/125890Release Notes, Vendor Advisory
- https://support.apple.com/en-us/125891Release Notes, Vendor Advisory
- https://support.apple.com/en-us/125892Release Notes, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2025-43531?
How severe is CVE-2025-43531?
How do I fix CVE-2025-43531?
Are you affected by CVE-2025-43531?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST