CVE-2026-43705
Received Received - Intake

Type Confusion in Safari Leading to Memory Corruption

Publication date: 2026-06-29

Last updated on: 2026-06-29

Assigner: Apple Inc.

Description
A type confusion issue was addressed with improved checks. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to memory corruption.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-29
Last Modified
2026-06-29
Generated
2026-06-30
AI Q&A
2026-06-29
EPSS Evaluated
N/A
NVD
CVE-2026-43705

Affected Vendors & Products

Showing 4 associated CPEs
Vendor Product Version / Range
apple safari 26.5.2
apple ios 26.5.2
apple ipados 26.5.2
apple macos_tahoe 26.5.2

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-843 The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a type confusion issue that occurs when processing maliciously crafted web content. Type confusion means that the software mistakenly treats a piece of data as a different type than it actually is, which can lead to unexpected behavior.

In this case, the issue could cause memory corruption, which means that the program's memory could be altered in unintended ways, potentially leading to crashes or exploitation.

The issue has been fixed in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2 by implementing improved checks to prevent this type confusion.

Impact Analysis

If exploited, this vulnerability could lead to memory corruption when processing malicious web content. This could cause the affected application or system to crash or behave unpredictably.

In some cases, memory corruption vulnerabilities can be leveraged by attackers to execute arbitrary code, potentially allowing them to take control of the affected device or access sensitive information.

Mitigation Strategies

To mitigate this vulnerability, update Safari, iOS, iPadOS, or macOS Tahoe to version 26.5.2 or later where the issue is fixed.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-43705. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart