Description
The issue was addressed by adding additional logic. This issue is fixed in Safari 26, macOS Tahoe 26. Visiting a malicious website may lead to address bar spoofing.
Published: 2025-09-15
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Address bar spoofing
Action: Patch
AI Analysis

Impact

Safari and macOS versions prior to 26 suffer from an address bar spoofing flaw that allows a crafted website to cause Safari to display a false address bar, deceiving users into believing they are on a legitimate site. The flaw is categorized as CWE-451 (User Interface (UI) Misrepresentation of Critical Information), which an attacker can abuse to mislead users. The consequences include phishing, credential theft, or broader social engineering attacks.

Affected Systems

Apple Safari releases prior to Safari 26 and macOS releases prior to macOS Tahoe 26 are affected. Any installation of these product families that predates Safari 26 or macOS Tahoe 26 remains vulnerable until the appropriate update is applied.

Risk and Exploitability

The CVSS score of 6.5 places the vulnerability in the Medium severity range. The EPSS score of less than 1% indicates a low likelihood of exploitation at this time, and the flaw is not listed in the CISA KEV catalog. Exploitation requires a user to visit a malicious web page, so the attack vector is web-based. While the impact is significant if exploited, the overall risk is moderated by the low exploitation probability and the availability of a patch.

Generated by OpenCVE AI on April 28, 2026 at 10:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the Safari and macOS updates that introduce the spoofing protection logic, specifically Safari 26 and macOS Tahoe 26.
  • Enable automatic system updates to ensure future security fixes are applied without manual intervention.
  • Educate users to validate URLs and remain cautious of sites where the address bar content does not match the displayed page.


Advisories
Source: EUVD
ID: EUVD-2025-29349
Title: The issue was addressed by adding additional logic. This issue is fixed in Safari 26, macOS Tahoe 26. Visiting a malicious website may lead to address bar spoofing.
History

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Description
  Values Removed: The issue was addressed by adding additional logic. This issue is fixed in Safari 26. Visiting a malicious website may lead to address bar spoofing.
  Values Added: The issue was addressed by adding additional logic. This issue is fixed in Safari 26, macOS Tahoe 26. Visiting a malicious website may lead to address bar spoofing.
References

Tue, 04 Nov 2025 02:30:00 +0000

Type Values Removed Values Added
References

Tue, 04 Nov 2025 01:45:00 +0000

Type Values Removed Values Added
Description
  Values Removed: The issue was addressed by adding additional logic. This issue is fixed in Safari 26, macOS Tahoe 26. Visiting a malicious website may lead to address bar spoofing.
  Values Added: The issue was addressed by adding additional logic. This issue is fixed in Safari 26. Visiting a malicious website may lead to address bar spoofing.

Mon, 03 Nov 2025 19:30:00 +0000


Wed, 17 Sep 2025 14:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Wed, 17 Sep 2025 11:00:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Apple safari
Vendors & Products Apple
Apple macos
Apple safari

Tue, 16 Sep 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 16 Sep 2025 15:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-451
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N'}


Mon, 15 Sep 2025 22:45:00 +0000

Type Values Removed Values Added
Description The issue was addressed by adding additional logic. This issue is fixed in Safari 26, macOS Tahoe 26. Visiting a malicious website may lead to address bar spoofing.
References

MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-04-02T18:08:05.223Z

Reserved: 2025-04-16T15:24:37.108Z

Link: CVE-2025-43327

Vulnrichment

Updated: 2025-11-03T18:11:20.730Z

NVD

Status: Modified

Published: 2025-09-15T23:15:35.397

Modified: 2026-04-02T19:20:26.760

Link: CVE-2025-43327

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-28T11:00:14Z

Weaknesses