Apple WebKit Processing Maliciously Crafted Web Content Leading to Process Crash Vulnerability

Vulnerability

A vulnerability in WebKit, the engine used by Safari, affects several Apple operating systems, including iOS, iPadOS, watchOS, tvOS, and visionOS. Processing maliciously crafted web content can lead to an unexpected crash of the affected process. The issue was addressed with improved state management and memory handling.

Impact

Exploitation of this vulnerability causes an unexpected crash of the affected process, disrupting normal operation and potentially leading to a denial of service.

Remediation

Users can update to Safari 26.1, which is available on macOS Sonoma and Sequoia, as well as on iOS 26.1, iPadOS 26.1, watchOS 26.1, and tvOS 26.1.

Added: Nov 4, 2025, 2:54 AM
Updated: Nov 4, 2025, 2:54 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 6.4
remediation: 7.7
relevance: 0.9
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.