CVE-2025-43541
MediumVulnerability Description
A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.
CVSS Metrics
Common Vulnerability Scoring System
Vector String:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
USN-7957-1
USN-7957-1: WebKitGTK vulnerabilities
CVE-2025-43541
CVE-2025-43541
DSA-6083-1
DSA-6083-1 webkit2gtk - security update
RHSA-2025:23663
RHSA-2025:23663: webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
RHSA-2025:23700
RHSA-2025:23700: webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
References & Resources
-
https://support.apple.com/en-us/125884product-security@apple.com Release Notes Vendor Advisory
-
https://support.apple.com/en-us/125885product-security@apple.com Release Notes Vendor Advisory
-
https://support.apple.com/en-us/125886product-security@apple.com Release Notes Vendor Advisory
-
https://support.apple.com/en-us/125891product-security@apple.com Release Notes Vendor Advisory
-
https://support.apple.com/en-us/125892product-security@apple.com Release Notes Vendor Advisory
Severity Details
Key Information
- Published Date
- December 17, 2025
