CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-43362
https://notcve.org/view.php?id=CVE-2025-43362
15 Sep 2025 — The issue was addressed with improved checks. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26. An app may be able to monitor keystrokes without user permission. The issue was addressed with improved checks. This issue is fixed in iOS 26 and iPadOS 26, iOS 18.7 and iPadOS 18.7. • https://support.apple.com/en-us/125108 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-43303
https://notcve.org/view.php?id=CVE-2025-43303
15 Sep 2025 — A logging issue was addressed with improved data redaction. This issue is fixed in tvOS 26, watchOS 26, visionOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to access sensitive user data. A logging issue was addressed with improved data redaction. This issue is fixed in visionOS 26, tvOS 26, iOS 26 and iPadOS 26, watchOS 26. • https://support.apple.com/en-us/125108 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-43354
https://notcve.org/view.php?id=CVE-2025-43354
15 Sep 2025 — A logging issue was addressed with improved data redaction. This issue is fixed in tvOS 26, watchOS 26, visionOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to access sensitive user data. A logging issue was addressed with improved data redaction. This issue is fixed in visionOS 26, tvOS 26, iOS 26 and iPadOS 26, watchOS 26. • https://support.apple.com/en-us/125108 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2025-43342 – webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash
https://notcve.org/view.php?id=CVE-2025-43342
15 Sep 2025 — A correctness issue was addressed with improved checks. This issue is fixed in tvOS 26, Safari 26, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to an unexpected process crash. A correctness issue was addressed with improved checks. This issue is fixed in Safari 26, tvOS 26, watchOS 26, iOS 26 and iPadOS 26, visionOS 26, iOS 18.7 and iPadOS 18.7. • https://support.apple.com/en-us/125108 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-43357
https://notcve.org/view.php?id=CVE-2025-43357
15 Sep 2025 — This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to fingerprint the user. This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 26 and iPadOS 26. • https://support.apple.com/en-us/125108 • CWE-359: Exposure of Private Personal Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-43272 – webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
https://notcve.org/view.php?id=CVE-2025-43272
15 Sep 2025 — The issue was addressed with improved memory handling. This issue is fixed in Safari 26, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to an unexpected Safari crash. The issue was addressed with improved memory handling. This issue is fixed in visionOS 26, Safari 26, iOS 26 and iPadOS 26, watchOS 26. • https://support.apple.com/en-us/125108 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-43317
https://notcve.org/view.php?id=CVE-2025-43317
15 Sep 2025 — A permissions issue was addressed with additional restrictions. This issue is fixed in tvOS 26, watchOS 26, visionOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to access sensitive user data. A permissions issue was addressed with additional restrictions. This issue is fixed in visionOS 26, tvOS 26, iOS 26 and iPadOS 26, watchOS 26. • https://support.apple.com/en-us/125108 • CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2025-43356 – webkitgtk: A website may be able to access sensor information without user consent
https://notcve.org/view.php?id=CVE-2025-43356
15 Sep 2025 — The issue was addressed with improved handling of caches. This issue is fixed in tvOS 26, Safari 26, iOS 18.7 and iPadOS 18.7, visionOS 26, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. A website may be able to access sensor information without user consent. The issue was addressed with improved handling of caches. This issue is fixed in Safari 26, tvOS 26, watchOS 26, iOS 26 and iPadOS 26, visionOS 26, iOS 18.7 and iPadOS 18.7. • https://support.apple.com/en-us/125108 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-31255
https://notcve.org/view.php?id=CVE-2025-31255
15 Sep 2025 — An authorization issue was addressed with improved state management. This issue is fixed in tvOS 26, macOS Sonoma 14.8, macOS Sequoia 15.7, watchOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to access sensitive user data. An authorization issue was addressed with improved state management. This issue is fixed in tvOS 26, watchOS 26, macOS Sonoma 14.8, iOS 26 and iPadOS 26, macOS Sequoia 15.7. • https://support.apple.com/en-us/125108 • CWE-285: Improper Authorization •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-43347
https://notcve.org/view.php?id=CVE-2025-43347
15 Sep 2025 — This issue was addressed by removing the vulnerable code. This issue is fixed in tvOS 26, watchOS 26, visionOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. An input validation issue was addressed. This issue was addressed by removing the vulnerable code. This issue is fixed in visionOS 26, tvOS 26, iOS 26 and iPadOS 26, watchOS 26. • https://support.apple.com/en-us/125108 • CWE-20: Improper Input Validation •