VDB
CVE-2025-46298
CVE-2025-46298
PUBLISHED
CVSS 8.699999809265137 HIGH
The issue was addressed with improved memory handling. This issue is fixed in tvOS 26.2, Safari 26.2, watchOS 26.2, visionOS 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2. Processing maliciously crafted web content may lead to an unexpected process crash.
EPSS 0.08% · 22.7th percentile
Risk Scores
CVSS 4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.08%
22.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| apple | watchos | 0, 0 |
| Apple | visionOS | 0, unspecified |
| apple | iphone_os | 0, 0 |
| apple | macos | 0, 0 |
| apple | tvos | 0, 0 |
| Apple | watchOS | *, 0 |
| apple | visionos | 0, 0 |
| Apple | Safari | unspecified, 0 |
| apple | ipados | 0, 0 |
| Apple | iOS and iPadOS | 0, unspecified |
| Apple | macOS | *, 0 |
| apple | safari | 0, 0 |
| Apple | tvOS | 0, unspecified |
Timeline
- Apr 22, 2025 CVE ID Reserved
- Jan 9, 2026 CVE Published
- Jan 9, 2026 PoC Published
- Jan 10, 2026 EPSS Score
- Jan 13, 2026 EPSS Score
- Jan 16, 2026 EPSS Score
- Jan 19, 2026 EPSS Score
- Jan 22, 2026 EPSS Score
- Jan 26, 2026 EPSS Score
- Jan 29, 2026 EPSS Score
- Feb 1, 2026 EPSS Score
- Feb 3, 2026 PoC Published
References
- https://support.apple.com/en-us/125889 url
- https://support.apple.com/en-us/125892 url
- https://support.apple.com/en-us/125884 url
- https://support.apple.com/en-us/125891 url
- https://support.apple.com/en-us/125886 url
- https://support.apple.com/en-us/125890 url
- https://nvd.nist.gov/vuln/detail/CVE-2025-46298 advisory