Description
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious web extension may be able to cause an unexpected process crash.
Published: 2026-06-29
Score: 5.3 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A use-after-free flaw in the memory handling of Apple web browsers can be triggered by a malicious web extension, potentially causing the process to crash unexpectedly. The flaw stems from premature deallocation of memory objects used by extensions, which can lead to undefined behavior. The crash does not provide direct code execution or data exfiltration, but it results in denial of service and a degraded user experience.

Affected Systems

Apple Safari on macOS, as well as the iOS and iPadOS platforms, are affected. Versions prior to 26.5.2 of Safari, iOS, iPadOS, and macOS Tahoe contain the vulnerability. The issue is fixed in Safari 26.5.2, iOS 26.5.2, iPadOS 26.5.2, and macOS Tahoe 26.5.2.

Risk and Exploitability

The EPSS metric is not available, and the vulnerability is not listed in CISA's KEV catalog, indicating no known active exploitation at the time of this report. However, the flaw can be exploited by any malicious web extension, which is a common vector for browser attacks. No CVSS score is provided in the data, but the impact of a crash is significant for availability and user trust.

Generated by OpenCVE AI on June 29, 2026 at 21:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Install the latest version of Safari, iOS, iPadOS, or macOS that includes the 26.5.2 security update or later.
  • Remove or disable any web extensions that are untrusted or no longer needed to reduce the attack surface.
  • Monitor Apple support and security advisory updates for any additional patches or recommendations.

Advisories

No advisories yet.

History

Mon, 29 Jun 2026 22:30:00 +0000

Type: Metrics
Values Removed:
Values Added:
  cvssV3_1: {'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H'}
  ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 29 Jun 2026 21:45:00 +0000

Type: Title
Values Removed:
Values Added: Use-After-Free Vulnerability in Apple Web Browsers Allowing Malicious Extensions to Crash the Browser Process

Type: Weaknesses
Values Removed:
Values Added: CWE-416

Mon, 29 Jun 2026 20:15:00 +0000

Type: Description
Values Removed:
Values Added: A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious web extension may be able to cause an unexpected process crash.
References

MITRE

Status: PUBLISHED

Assigner: apple

Published:

Updated: 2026-06-29T21:44:04.195Z

Reserved: 2026-05-01T22:46:21.643Z

Link: CVE-2026-43704

Vulnrichment

Updated: 2026-06-29T21:43:54.593Z

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-29T21:30:03Z

Weaknesses