CVE-2026-43708 | Apple Safari/iOS/iPadOS/macOS up to 26.5.1 Website cross-domain policy

SecurityVulns

A vulnerability, which was classified as problematic, has been found in Apple Safari, iOS, iPadOS and macOS up to 26.5.1. Affected is an unknown function of the component Website Handler. This manipulation causes permissive cross-domain policy with untrusted domains.

This vulnerability is registered as CVE-2026-43708. Remote exploitation of the attack is possible. No exploit is available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More