CVE-2026-43732_CVE-2026-43732

6.5 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Description

A path handling issue was addressed with improved validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may disclose sensitive user information.

Basic Information

ID CVE-2026-43732

Source apple

Published Jun 29, 2026 at 19:42

Modified Jun 29, 2026 at 21:30

Affected Product

Vendor Apple

Product Safari

Affected Versions Apple Safari 0
Apple iOS and iPadOS 0
Apple macOS 0

CWE Classification

CWE-22

References

{
    "lastseen": "",
    "description": "A path handling issue was addressed with improved validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may disclose sensitive user information.",
    "published": "2026-06-29T19:42:58.759Z",
    "modified": "2026-06-29T21:30:55.046Z",
    "type": "cve",
    "title": "CVE-2026-43732",
    "source": "apple",
    "references": "https://support.apple.com/en-us/127594\nhttps://support.apple.com/en-us/127595\nhttps://support.apple.com/en-us/127685",
    "id": "CVE-2026-43732",
    "bulletinFamily": "",
    "cwe": [
        "CWE-22"
    ],
    "cvelist": null,
    "sourceData": "Apple Safari 0\nApple iOS and iPadOS 0\nApple macOS 0",
    "sourceHref": "",
    "cvss": {
        "score": 6.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Safari",
    "version": "0",
    "vendor": "Apple",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}