CVE-2026-43721

This issue was addressed through improved state management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may be able to silently hijack clipboard data.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

History

30 Jun 2026, 20:17

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.5
v2 : unknown
v3 : 6.5

30 Jun 2026, 19:13

Type Values Removed Values Added
References () https://support.apple.com/en-us/127594 - () https://support.apple.com/en-us/127594 - Vendor Advisory
References () https://support.apple.com/en-us/127595 - () https://support.apple.com/en-us/127595 - Vendor Advisory
References () https://support.apple.com/en-us/127685 - () https://support.apple.com/en-us/127685 - Vendor Advisory
First Time Apple macos
Apple
Apple ipados
Apple safari
Apple iphone Os
CPE cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

30 Jun 2026, 13:18

Type Values Removed Values Added
CWE CWE-732
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5

29 Jun 2026, 20:17

Type Values Removed Values Added
New CVE

Information

Published : 2026-06-29 20:17

Updated : 2026-06-30 20:17


NVD link : CVE-2026-43721

Mitre link : CVE-2026-43721

CVE.ORG link : CVE-2026-43721


JSON object : View

Products Affected

apple

  • ipados
  • safari
  • macos
  • iphone_os
CWE
CWE-732

Incorrect Permission Assignment for Critical Resource