cbcvebase.
CVE-2025-43338
published 2025-11-04

CVE-2025-43338: An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 26 and iPadOS 26, macOS Sonoma 14.8.2, macOS Sonoma…

high7.1CVSS 3.1
AVLACLPRNUIRSUCHINAH
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 26 and iPadOS 26, macOS Sonoma 14.8.2, macOS Sonoma 14.8.4, macOS Tahoe 26. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.

Affected

10 ranges
VendorProductVersion rangeFixed in
appleios_26_and_ipados
appleios_and_ipados< 2626
appleipados< 26.026.0
appleiphone_os< 26.026.0
applemacos< 14.8.414.8.4
applemacos< 2626
applemacos< 14.8.214.8.2
applemacos_sonoma
applemacos_sonoma
applemacos_tahoe
CVE-2025-43338 — Cross-site Scripting in Apple | cvebase