CVE Catalog

CVE-2026-43676

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.26%

17th percentile — higher than 17% of all known CVEs

Summary

An out-of-bounds access issue was addressed with improved bounds checking. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Risk Assessment

An attacker could cause an unexpected termination of the Safari browser, leading to user disruption and potential loss of unsaved data.

Recommendation

Immediately update Safari to version 26.5.2 and iOS/iPadOS/macOS to the corresponding patched versions.

Original NVD description (English source)

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS