CVE-2026-43735

Description

The issue was addressed with improved checks. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may exfiltrate data cross-origin.

Metadata

CVE ID: CVE-2026-43735
State: PUBLISHED
Assigner: apple
Reserved: 2026-05-01 22:46 UTC
Published: 2026-06-29 19:42 UTC
Last updated: 2026-06-29 19:42 UTC
Vendor / Product: Apple / Safari
Sources: cve.org · NVD

Severity & Metrics

No CVSS data available.

Affected products (3)

Vendor	Product	Platform	Versions
Apple	iOS and iPadOS	—	0 < 26.5.2
Apple	macOS	—	0 < 26.5.2
Apple	Safari	—	0 < 26.5.2

Weakness (CWE)

CWE	Source	Description
—	cna	A malicious website may exfiltrate data cross-origin

References (3)

https://support.apple.com/en-us/127594
https://support.apple.com/en-us/127595
https://support.apple.com/en-us/127685

Back to overview