Total CVEs

145,845

Critical Severity

4,280

High Severity

15,756

Last 7 Days

2,276
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 5,301 - 5,320 of 42,250 CVEs
CVE-2026-43716 MEDIUM - 6.5

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Vendor: apple
Product: safari
Published: Jun 29, 2026
Source: NVD
CVE-2026-43715 HIGH - 8.8

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to memory corruption.

Vendor: apple
Product: safari
Published: Jun 29, 2026
Source: NVD
CVE-2026-43713 MEDIUM - 6.5

A permissions issue was addressed with additional restrictions. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Visiting a website may leak sensitive data.

Vendor: apple
Product: safari
Published: Jun 29, 2026
Source: NVD
CVE-2026-43712 MEDIUM - 6.5

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.

Vendor: apple
Product: safari
Published: Jun 29, 2026
Source: NVD
CVE-2026-43709 MEDIUM - 6.5

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.

Vendor: apple
Product: safari
Published: Jun 29, 2026
Source: NVD
CVE-2026-43708 MEDIUM - 4.3

The issue was addressed with improved input validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may exfiltrate data cross-origin.

Vendor: apple
Product: safari
Published: Jun 29, 2026
Source: NVD
CVE-2026-43707 MEDIUM - 6.5

A memory corruption issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.

Vendor: apple
Product: safari
Published: Jun 29, 2026
Source: NVD
CVE-2026-43706 MEDIUM - 6.5

A double free issue was addressed with improved memory management. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.

Vendor: apple
Product: ipados
Published: Jun 29, 2026
Source: NVD
CVE-2026-43705 HIGH - 8.8

A type confusion issue was addressed with improved checks. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to memory corruption.

Vendor: apple
Product: safari
Published: Jun 29, 2026
Source: NVD
CVE-2026-43704 MEDIUM - 5.3

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious web extension may be able to cause an unexpected process crash.

Vendor: apple
Product: safari
Published: Jun 29, 2026
Source: NVD
CVE-2026-43703 MEDIUM - 6.5

The issue was addressed with improved memory handling. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.

Vendor: apple
Product: ipados
Published: Jun 29, 2026
Source: NVD
CVE-2026-43701 HIGH - 7.1

The issue was addressed with improved checks. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may be able to process restricted web content outside the sandbox.

Vendor: apple
Product: safari
Published: Jun 29, 2026
Source: NVD
CVE-2026-43700 MEDIUM - 6.5

A cross-origin issue was addressed with improved tracking of security origins. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may disclose sensitive user information.

Vendor: apple
Product: safari
Published: Jun 29, 2026
Source: NVD
CVE-2026-43699 MEDIUM - 6.5

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.

Vendor: apple
Product: safari
Published: Jun 29, 2026
Source: NVD
CVE-2026-43676 MEDIUM - 6.5

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Vendor: apple
Product: safari
Published: Jun 29, 2026
Source: NVD
CVE-2026-43663 MEDIUM - 6.5

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.

Vendor: apple
Product: safari
Published: Jun 29, 2026
Source: NVD
CVE-2026-39872 MEDIUM - 6.5

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.

Vendor: apple
Product: safari
Published: Jun 29, 2026
Source: NVD
CVE-2026-39868 CRITICAL - 9.1

This issue was addressed with improved input validation. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. An app may be able to cause unexpected system termination or corrupt kernel memory.

Vendor: apple
Product: ipados
Published: Jun 29, 2026
Source: NVD
CVE-2026-37637 CRITICAL - 9.1

An issue in Alexantr filemanager v.1.0 allows a remote attacker to execute arbitrary code via the filemanager.php component

Published: Jun 29, 2026
Source: NVD
CVE-2026-31016 MEDIUM - 6.5

Cross Site Request Forgery vulnerability in Squidex.io Squidex CMS v.7.21.0 and before allows a remote attacker to escalate privileges via the IdentityServer account profile endpoint

Published: Jun 29, 2026
Source: NVD