CVEFinder.io

CVE-2025-46299

đŸ”ļ medium
Summary

A memory initialization issue was addressed with improved memory handling. This issue is fixed in tvOS 26.2, Safari 26.2, watchOS 26.2, visionOS 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2. Processing maliciously crafted web content may disclose internal states of the app.

CVSS Score
4.3
Medium
EPSS Score
0.1
Exploit Probability
Published Date
2026-01-09
First Seen: 2026-01-17
Last Modified 2026-01-14
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CWE IDs (Weakness Types)
CWE-284

🔗 References 6

https://support.apple.com/en-us/125884
Release Notes Vendor Advisory
https://support.apple.com/en-us/125886
Release Notes Vendor Advisory
https://support.apple.com/en-us/125889
Release Notes Vendor Advisory
https://support.apple.com/en-us/125890
Release Notes Vendor Advisory
https://support.apple.com/en-us/125891
Release Notes Vendor Advisory
https://support.apple.com/en-us/125892
Release Notes Vendor Advisory

đŸ“Ļ Affected Products 7

Vendor Product Status Affected Versions
apple safari Affected
< 26.2
apple iphone_os Affected
< 26.2
apple watchos Affected
< 26.2
apple tvos Affected
< 26.2
apple ipados Affected
< 26.2
apple macos Affected
< 26.2
apple visionos Affected
< 26.2

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2025-46306 đŸ”ļ medium 5.5 0.0 The issue was addressed with improved bounds checks. This issue is fixed in macOS Tahoe 26, Keynote 15.1, iOS 26 and iPa... 2026-01-28
CVE-2025-46316 đŸ”ļ medium 4.3 0.0 An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 26.1 and iPadOS 26.1, Pag... 2026-01-28
CVE-2024-44238 ⚠ī¸ high 7.8 0.0 The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1. An app may be able... 2026-01-16
CVE-2024-54556 ℹī¸ low 2.4 0.0 This issue was addressed through improved state management. This issue is fixed in iOS 18.1 and iPadOS 18.1. A user may ... 2026-01-16
CVE-2025-24089 đŸ”ļ medium 5.3 0.0 A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.3 and iPadOS 18.3. An app ... 2026-01-16
CVE-2025-24090 ℹī¸ low 3.3 0.0 A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.3 and iPadOS 18.3. An app ... 2026-01-16
These CVEs affect the same products