Primary

Context

Apple WebKit Denial-of-Service Vulnerability in Safari, iOS, iPadOS, watchOS, tvOS, and visionOS

Vulnerability

Patched

A denial-of-service vulnerability has been identified in the WebKit component of Safari and various Apple operating systems, including iOS, iPadOS, watchOS, tvOS, and visionOS. This vulnerability allows processing of maliciously crafted web content, leading to an unexpected process crash. The issue arises from a use-after-free condition that was addressed with improved memory management.

Impact

Exploitation of this vulnerability causes an unexpected process crash, disrupting the normal operation of the application or service.

Remediation

This vulnerability has been fixed in Safari 26.1, as well as in the corresponding updates for iOS, iPadOS, watchOS, tvOS, and visionOS. Users should update to these versions to address the vulnerability.

Added: Nov 4, 2025, 2:46 AM

Updated: Nov 4, 2025, 2:46 AM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

3.3

exploitability

4.4

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

3.3

exploitability

4.4

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple WebKit Denial-of-Service Vulnerability in Safari, iOS, iPadOS, watchOS, tvOS, and visionOS

Vulnerability

Impact

Remediation

Affected Products

Apple visionOS

Apple watchOS

Apple tvOS

Apple iPadOS

Apple macOS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating