← Back to CVEs
CVE-2026-28871
N/ADescription
A logic issue was addressed with improved checks. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4. Visiting a maliciously crafted website may lead to a cross-site scripting attack.
CVE Details
CVSS v3.1 ScoreN/A
Published3/25/2026
Last Modified3/25/2026
Sourcenvd
Honeypot Sightings0
References
https://support.apple.com/en-us/126792(product-security@apple.com)
https://support.apple.com/en-us/126793(product-security@apple.com)
https://support.apple.com/en-us/126794(product-security@apple.com)
https://support.apple.com/en-us/126800(product-security@apple.com)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.