CVE-2025-24128 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2025-24128

CWE

https://cwe.mitre.org/data/definitions/.html

The issue was addressed by adding additional logic. This issue is fixed in macOS Sequoia 15.3, Safari 18.3, iOS 18.3 and iPadOS 18.3. Visiting a malicious website may lead to address bar spoofing.

Affected Software

Name	Vendor	Start Version	End Version
Safari	Apple	*	18.3 (excluding)
Ipados	Apple	*	18.3 (excluding)
Iphone_os	Apple	*	18.3 (excluding)
Macos	Apple	*	15.3 (excluding)

References

https://support.apple.com/en-us/122066
https://support.apple.com/en-us/122068
https://support.apple.com/en-us/122074