VDB

GHSA-gvvx-mjmx-h5qh

GHSA-gvvx-mjmx-h5qh PUBLISHED CVSS 5.400000095367432 MEDIUM

A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS 26.3.1, iPadOS 26.3.1, macOS 26.3.1, and macOS 26.3.2. Processing maliciously crafted web content may bypass Same Origin Policy.

Risk Scores

CVSS 3.1
5.400000095367432
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Timeline

  • Mar 18, 2026 CVE Published
  • Mar 25, 2026 CVE Updated
  • Apr 10, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›