{"id":"CVE-2025-43480","details":"The issue was addressed with improved checks. This issue is fixed in tvOS 26.1, watchOS 26.1, macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, Safari 26.1, visionOS 26.1. A malicious website may exfiltrate data cross-origin.","modified":"2026-03-13T07:59:56.524674Z","published":"2025-11-04T02:15:52.400Z","related":["ALSA-2025:22789","ALSA-2025:22790","SUSE-SU-2025:4416-1","SUSE-SU-2025:4423-1","SUSE-SU-2026:0021-1","SUSE-SU-2026:20102-1","openSUSE-SU-2026:20065-1"],"references":[{"type":"WEB","url":"https://support.apple.com/en-us/125634"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/125637"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/125638"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/125639"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/125640"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/125632"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"26.1"}]},{"events":[{"introduced":"0"},{"fixed":"26.1"}]},{"events":[{"introduced":"0"},{"fixed":"26.1"}]},{"events":[{"introduced":"0"},{"fixed":"26.1"}]},{"events":[{"introduced":"0"},{"fixed":"26.1"}]},{"events":[{"introduced":"0"},{"fixed":"26.1"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-43480.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}]}