Primary

Context

Apple WebKit Use-After-Free Vulnerability Leading to Process Crash

Vulnerability

Patched

A use-after-free vulnerability has been identified in the WebKit component of Apple Safari, visionOS, watchOS, iOS, iPadOS, and tvOS. This vulnerability allows maliciously crafted web content to be processed in a way that leads to memory corruption, causing an unexpected crash of the affected process. The issue arises from improper memory management, which can be exploited by processing certain types of media files or visiting malicious websites.

Impact

Exploitation of this vulnerability causes a process crash, disrupting the normal operation of the application or service in use.

Remediation

This vulnerability has been fixed in Safari 26.1, visionOS 26.1, watchOS 26.1, iOS 26.1, iPadOS 26.1, and tvOS 26.1.

Added: Nov 4, 2025, 2:52 AM

Updated: Nov 4, 2025, 2:52 AM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

1.5

exploitability

4.4

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

1.5

exploitability

4.4

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple WebKit Use-After-Free Vulnerability Leading to Process Crash

Vulnerability

Impact

Remediation

Affected Products

Apple visionOS

Apple iPadOS

Apple tvOS

Apple watchOS

Apple macOS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating