Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Apple | Safari | affected |
|
||||||
| Apple | iOS and iPadOS | affected |
|
||||||
| Apple | macOS | affected |
|
No data.
No data.
| Vendor | Product | Confidence | Versions | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Apple | Ios And Ipados | 100% |
|
||||||||
| Apple | Macos | 100% |
|
||||||||
| Apple | Safari | 100% |
|
Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Tue, 30 Jun 2026 02:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Cross-origin Information Disclosure in Apple Web Browser and Platforms |
Tue, 30 Jun 2026 02:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Apple
Apple ios And Ipados Apple macos Apple safari |
|
| Vendors & Products |
Apple
Apple ios And Ipados Apple macos Apple safari |
Tue, 30 Jun 2026 01:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Cross‑Origin Information Disclosure in Apple Browsers and Operating Systems | |
| Weaknesses | CWE-200 |
Mon, 29 Jun 2026 22:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-346 | |
| Metrics |
cvssV3_1
|
Mon, 29 Jun 2026 21:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Cross‑Origin Information Disclosure in Apple Browsers and Operating Systems | |
| Weaknesses | CWE-200 |
Mon, 29 Jun 2026 20:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A cross-origin issue was addressed with improved tracking of security origins. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may disclose sensitive user information. | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: apple
Published:
Updated: 2026-06-29T21:36:30.506Z
Reserved: 2026-05-01T22:46:21.643Z
Link: CVE-2026-43700
Vulnrichment
Updated: 2026-06-29T21:36:24.108Z
NVD
No data.
Redhat
No data.
OpenCVE Enrichment
Updated: 2026-06-30T02:30:05Z