Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-43421

Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, Safari 26.1. Processing maliciously crafted web content may lead to an unexpected process crash.

Published

2025-11-04T02:15:47.977

Last Modified

2025-12-17T21:16:01.087

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.3 (MEDIUM)

Weaknesses

Type: Secondary
CWE-125
CWE-787

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	apple	safari	< 26.1	Yes
Operating System	apple	ipados	< 26.1	Yes
Operating System	apple	iphone_os	< 26.1	Yes
Operating System	apple	visionos	< 26.1	Yes

References

https://support.apple.com/en-us/125632 Release Notes, Vendor Advisory ([email protected])
https://support.apple.com/en-us/125634 ([email protected])
https://support.apple.com/en-us/125638 Release Notes, Vendor Advisory ([email protected])
https://support.apple.com/en-us/125640 Release Notes, Vendor Advisory ([email protected])