CVE-2025-43531 | Vulnerability Database | Aqua Security

A race condition was addressed with improved state handling. This issue is fixed in watchOS 26.2, Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, tvOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash.

Affected Software

Name	Vendor	Start Version	End Version
Qtwebkit-opensource-src	Ubuntu	esm-apps/bionic	*
Qtwebkit-opensource-src	Ubuntu	esm-apps/focal	*
Qtwebkit-opensource-src	Ubuntu	esm-apps/jammy	*
Qtwebkit-opensource-src	Ubuntu	esm-apps/noble	*
Qtwebkit-opensource-src	Ubuntu	esm-infra/xenial	*
Qtwebkit-opensource-src	Ubuntu	jammy	*
Qtwebkit-opensource-src	Ubuntu	noble	*
Qtwebkit-source	Ubuntu	esm-apps/bionic	*
Qtwebkit-source	Ubuntu	esm-apps/xenial	*
Webkit2gtk	Ubuntu	esm-infra/bionic	*
Webkit2gtk	Ubuntu	esm-infra/focal	*
Webkit2gtk	Ubuntu	esm-infra/xenial	*
Webkitgtk	Ubuntu	esm-apps/bionic	*
Webkitgtk	Ubuntu	esm-apps/xenial	*
Wpewebkit	Ubuntu	esm-apps/focal	*
Wpewebkit	Ubuntu	esm-apps/jammy	*
Wpewebkit	Ubuntu	jammy	*

References

https://support.apple.com/en-us/125884
https://support.apple.com/en-us/125885
https://support.apple.com/en-us/125886
https://support.apple.com/en-us/125889
https://support.apple.com/en-us/125890
https://support.apple.com/en-us/125891
https://support.apple.com/en-us/125892

NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-43531
CWE	https://cwe.mitre.org/data/definitions/.html