The issue was addressed by adding additional logic. This issue is fixed in Safari 26. Visiting a malicious website may lead to address bar spoofing.
2025-09-15T23:15:35.397
2025-11-04T02:15:39.597
Modified
CVSSv3.1: 6.5 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | apple | safari | < 26.0 | Yes |
| Operating System | apple | macos | < 26.0 | Yes |