CVE-2026-43727EXPLOITEDPATCHED

apple · safari

CVE-2026-43727: A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 a

Description

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Affected Products

Vendor	Product	Versions
apple	safari	0, 0, 0, 26.5.1

References

Related News (1 articles)

Tier C

VulDB5h ago

CVE-2026-43727 | Apple Safari/iOS/iPadOS/macOS up to 26.5.1 Web use after free

→ No new info (linked only)

CVSS 3.16.5 CRITICAL

VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CISA KEV❌ No

Actively exploited✅ Yes

Patch available

26.5.2

PublishedJun 29, 2026

Last enriched4h agov2

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2026-43731EXP

CVE-2026-43731: A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 a

Trending: 54

CRITICALCVE-2026-43715EXP

CVE-2026-43715: A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 a

Trending: 54

CRITICALCVE-2026-43709EXP

CVE-2026-43709: A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 a

Trending: 49

CRITICALCVE-2026-43721EXP

CVE-2026-43721: This issue was addressed through improved state management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS

Trending: 49

CRITICALCVE-2026-43718EXP

CVE-2026-43718: A stack overflow was addressed with improved input validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPad

Trending: 49

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Jun 29, 2026

Discovered by ZDM

Jun 29, 2026

Actively Exploited

Jun 29, 2026

Patch Available

Jun 29, 2026

Updated: severity, activelyExploited, affectedVersions, tags

Jun 29, 2026

Version History

Last enriched 4h ago

v2Tier C4h ago

Updated severity to CRITICAL, marked as actively exploited, and added affected version 26.5.1.

severityactivelyExploitedaffectedVersionstags

via VulDB

v18h ago

Initial creation