Primary

Context

Apple WebKit Buffer Overflow Vulnerability Leading to Process Crash

Vulnerability

Patched

A buffer overflow vulnerability has been identified in WebKit, the engine used by Safari and other Apple applications, in several operating systems including iOS, iPadOS, tvOS, watchOS, and visionOS, all version 26.1. This vulnerability allows maliciously crafted web content to cause an unexpected process crash. The issue was addressed with improved bounds checking.

Impact

Exploitation of this vulnerability leads to a process crash, causing a denial of service condition.

Remediation

Users can update to Safari 26.1, or the respective 26.1 version of their operating system, to address this vulnerability.

Added: Nov 4, 2025, 2:55 AM

Updated: Nov 4, 2025, 2:55 AM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

4.4

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

4.4

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple WebKit Buffer Overflow Vulnerability Leading to Process Crash

Vulnerability

Impact

Remediation

Affected Products

Apple visionOS

Apple iPadOS

Apple tvOS

Apple watchOS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating