CVE-2025-43529HIGH 8.8CISA KEVEPSS p94.0%

CVE-2025-43529Apple Multiple Products Use-After-Free WebKit Vulnerability

Apple / Multiple Products

Description

Apple iOS, iPadOS, macOS, and other Apple products contain a use-after-free vulnerability in WebKit. Processing maliciously crafted web content may lead to memory corruption. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

Scoring

CVSS 3.18.8 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS8.00% probability of exploitation · percentile 94.0% · 2026-06-19T12:03:05Z
Published2025-12-17
Last modified2026-04-03

CISA KEV entry

Added to KEV: 2025-12-15

Underlying weaknesses· 1

CWE-416

References

  1. https://support.apple.com/en-us/125884
  2. https://support.apple.com/en-us/125885
  3. https://support.apple.com/en-us/125886
  4. https://support.apple.com/en-us/125889
  5. https://support.apple.com/en-us/125890
  6. https://support.apple.com/en-us/125891
  7. https://support.apple.com/en-us/125892
  8. https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-43529

1

TypeTargetConfidenceTier
WeaknessUse After Freecwe-4160%live

(incoming)1

TypeTargetConfidenceTier
KEVEntryApple Multiple Products Use-After-Free WebKit Vulnerabilitykev-cve-2025-435290%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Apple Multiple Products WebKit Use-After-Free Vulnerability
CVE
Apple iOS, iPadOS, macOS Use-After-Free Vulnerability
CVE
Apple iOS, iPadOS, and macOS Webkit Use-After-Free Vulnerability
CVE
Apple Multiple Products WebKit Storage Use-After-Free Vulnerability
CVE
Apple iOS WebKit Use-After-Free Vulnerability
CVE
Apple Multiple Products WebKit Memory Corruption Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.