This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extensions.
| Vendor | Product | Versions |
|---|---|---|
| apple | safari | 0, 0, 0, 0 |
Downstream vendors/products affected by this vulnerability
| Vendor | Product | Source | Confidence |
|---|---|---|---|
| amazon | amazon linux | cert_advisory | 90% |
| debian | debian linux | cert_advisory | 90% |
| open source | webkitgtk | cert_advisory | 90% |
| su | suse linux | cert_advisory | 90% |
