Primary

Context

Apple WebKit Use-After-Free Vulnerability Leading to Safari Crash

Vulnerability

Patched

A use-after-free vulnerability has been identified in the WebKit component of Apple products, including watchOS 26.1, iOS 26.1, iPadOS 26.1, and visionOS 26.1. This vulnerability arises from improper memory management when processing maliciously crafted web content, which can lead to memory corruption and cause an unexpected crash in the Safari browser.

Impact

Exploitation of this vulnerability causes a crash in the Safari browser, disrupting the user experience and potentially leading to further exploitation opportunities.

Remediation

Users can update to watchOS 26.1, iOS 26.1, iPadOS 26.1, or visionOS 26.1 to address this vulnerability.

Added: Nov 4, 2025, 2:35 AM

Updated: Nov 4, 2025, 2:35 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.4

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.4

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple WebKit Use-After-Free Vulnerability Leading to Safari Crash

Vulnerability

Impact

Remediation

Affected Products

Apple watchOS

Apple iPadOS

Apple Safari

Apple visionOS

Apple macOS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating