Primary

Context

Apple WebKit Denial-of-Service Vulnerability

Vulnerability

Patched

A denial-of-service vulnerability has been identified in WebKit, the engine that powers the Safari browser and other applications on Apple devices. This vulnerability is present in WebKit versions prior to 26.1 and can be exploited by processing maliciously crafted web content, leading to an unexpected process crash. The issue has been addressed in Safari 26.1, as well as in the latest versions of iOS, iPadOS, tvOS, watchOS, and visionOS.

Impact

Exploitation of this vulnerability causes an unexpected process crash, leading to a denial-of-service condition.

Remediation

Users can update to Safari 26.1 or the latest versions of iOS, iPadOS, tvOS, watchOS, or visionOS to address this vulnerability.

Added: Nov 4, 2025, 2:34 AM

Updated: Nov 4, 2025, 2:34 AM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

4.4

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

4.4

remediation

7.7

relevance

0.9

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple WebKit Denial-of-Service Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Apple visionOS

Apple watchOS

Apple tvOS

Apple iPadOS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating