Safari is the default web browser on Apple's macOS and iOS operating systems.

Apple Safari

Rocky Linux is a Linux distribution intended to be a downstream, complete binary-compatible release using the Red Hat Enterprise Linux operating system source code. The project's aim is to provide a community-supported, production-grade enterprise operating system.

Rocky Linux

AlmaLinux OS is an open-source, community-driven Linux operating system that fills the gap left by the discontinuation of the CentOS Linux stable release. AlmaLinux OS is a 1:1 binary compatible fork of RHEL®, guided and built by the community.

Alma Linux

Debian GNU/Linux is a Linux distribution composed of free and open-source software.

Linux Debian

Fedora is a popular open-source, Linux-based operating system.

Linux Fedora

Red Hat Enterprise Linux is a Linux distribution developed by Red Hat for the commercial market.

Linux Red Hat

Oracle Linux is a Linux distribution packaged and freely distributed by Oracle, available partially under the GNU General Public License since late 2006. It is compiled from Red Hat Enterprise Linux source code, replacing Red Hat branding with Oracle's.

Linux Oracle

Echo is a secure, minimal Linux OS built vulnerability-free. It is fully compatible across environments and continuously patched - making it a clean, dependable base layer for modern applications. Echo is used by organizations focused on security and reliability, including those with compliance or FIPS requirements.

Echo

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Tahoe 26.2, iOS 26.2 and iPadOS 26.2, Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3. Processing maliciously crafted web content may lead to an unexpected process crash.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-46282	MEDIUM	5.5	Apple Safari	cpe:2.3:a:apple:safari	No	Yes	Dec 17, 2025
CVE-2025-43541	MEDIUM	4.3	Apple Safari	webkitgtk	No	Yes	Dec 17, 2025
CVE-2025-43536	MEDIUM	4.3	Apple Safari	webkitgtk6.0	No	Yes	Dec 17, 2025
CVE-2025-43535	MEDIUM	4.3	Apple Safari	webkitgtk-doc	No	Yes	Dec 17, 2025
CVE-2025-43531	LOW	3.1	Apple Safari	webkit2gtk3-jsc	No	Yes	Dec 17, 2025

CVE-2025-43536:
Apple Safari vulnerability analysis and mitigation

4.3

Related Apple Safari vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2025-43536: Apple Safari vulnerability analysis and mitigation