CVE-2025-31254

CVSS 5.4 MEDIUMEPSS 0.5%CWE-863

This issue was addressed with improved URL validation. This issue is fixed in Safari 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to unexpected URL redirection.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Productos afectados

Apple · iOS and iPadOS Apple · Safari

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://seclists.org/fulldisclosure/2025/Sep/59 https://support.apple.com/en-us/125108 https://support.apple.com/en-us/125113