Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
3091 articles · 171994 vulns · 36/41 feeds (7d)
← Back to list
6.5
CVE-2026-43720EXPLOITEDPATCHED
apple · safari

CVE-2026-43720: A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 a

Description

A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected Safari crash.

Affected Products

VendorProductVersions
applesafari0, 0, 0, 26.5.1

Also Affects

Downstream vendors/products affected by this vulnerability

VendorProductSourceConfidence
applemacoscert_advisory90%
appleioscert_advisory90%
appleipadoscert_advisory90%
applesafaricert_advisory90%
appleiphone_oscve_cpe95%

References

  • https://support.apple.com/en-us/127594
  • https://support.apple.com/en-us/127595
  • https://support.apple.com/en-us/127685

Related News (5 articles)

Tier B
BSI Advisories7d ago
[NEU] [mittel] Apple iOS und iPadOS: Mehrere Schwachstellen
→ No new info (linked only)
Tier B
BSI Advisories7d ago
[NEU] [mittel] Apple Safari: Mehrere Schwachstellen
→ No new info (linked only)
Tier B
BSI Advisories7d ago
[NEU] [mittel] Apple macOS Tahoe: Mehrere Schwachstellen
→ No new info (linked only)
Tier B
CERT-FR7d ago
Multiples vulnérabilités dans les produits Apple (30 juin 2026)
→ No new info (linked only)
Tier C
VulDB7d ago
CVE-2026-43720 | Apple Safari/iOS/iPadOS/macOS up to 26.5.1 Web use after free
→ No new info (linked only)
CVSS 3.16.5 CRITICAL
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CISA KEV❌ No
Actively exploited✅ Yes
Patch available
26.5.2
PublishedJun 29, 2026
Last enriched7d agov2
Trending Score22
Source articles5
Independent3
Info Completeness8/14
Missing: epss, cwe, kev, exploit, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (5)

HIGHCVE-2026-58592EXP
Ladybird - Web-Reachable Code Execution via Dangling FunctionType Reference in WebAssembly ESM Integration
Trending: 25
CRITICALCVE-2026-39868
CVE-2026-39868: This issue was addressed with improved input validation. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Taho
Trending: 24
CRITICALCVE-2026-43715EXP
CVE-2026-43715: A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 a
Trending: 23
CRITICALCVE-2026-43731EXP
CVE-2026-43731: A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 a
Trending: 23
CRITICALCVE-2026-43746EXP
CVE-2026-43746: A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 a
Trending: 22

Pin to Dashboard

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published
Jun 29, 2026
Discovered by ZDM
Jun 29, 2026
Actively Exploited
Jun 29, 2026
Patch Available
Jun 29, 2026
Updated: severity, affectedVersions, activelyExploited
Jun 29, 2026

Version History

v2
Last enriched 7d ago
v2Tier C7d ago

Updated severity to CRITICAL, added affected version 26.5.1, and changed exploit availability status.

severityaffectedVersionsactivelyExploited
via VulDB
v17d ago

Initial creation