cbcvebase.
CVE-2025-43226
published 2025-07-30

CVE-2025-43226: An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS…

medium4CVSS 3.1
AVLACLPRNUINSUCLINAN
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, macOS Sonoma 14.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing a maliciously crafted image may result in disclosure of process memory.

Affected

17 ranges
VendorProductVersion rangeFixed in
appleios_18.6_and_ipados
appleios_and_ipados< 18.618.6
appleipados< 17.7.917.7.9
appleipados
appleipados>= 18.0 < 18.618.6
appleiphone_os< 18.618.6
applemacos< 15.615.6
applemacos< 14.7.714.7.7
applemacos>= 15.0 < 15.615.6
applemacos_sequoia
applemacos_sonoma
appletvos< 18.618.6
appletvos
applevisionos< 2.62.6
applevisionos
applewatchos< 11.611.6
applewatchos

CVSS provenance

nvdv3.14.0MEDIUMCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cisa7.8HIGH