{"id":"CVE-2024-40866","details":"The issue was addressed with improved UI. This issue is fixed in Safari 18, macOS Sequoia 15. Visiting a malicious website may lead to address bar spoofing.","modified":"2026-03-13T07:57:13.369629Z","published":"2024-09-17T00:15:49.840Z","related":["ALSA-2024:8180","ALSA-2024:9553","ALSA-2024:9636","MGASA-2025-0313","SUSE-SU-2024:3751-1","SUSE-SU-2024:3752-1","SUSE-SU-2024:3869-1","SUSE-SU-2024:3870-1","SUSE-SU-2024:4084-1","SUSE-SU-2025:0043-1","SUSE-SU-2025:0096-1","SUSE-SU-2025:0104-1"],"references":[{"type":"WEB","url":"http://seclists.org/fulldisclosure/2024/Sep/33"},{"type":"WEB","url":"http://seclists.org/fulldisclosure/2024/Sep/37"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/11/msg00019.html"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/121238"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/121241"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-40866.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"18.0"}]},{"events":[{"introduced":"0"},{"fixed":"15.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}]}