{"document":{"category":"csaf_vex","csaf_version":"2.0","title":"CVE-2026-43705: A type confusion issue was addressed with improved checks","publisher":{"category":"vendor","name":"HarborGuard Database","namespace":"https://database.harborguard.co"},"tracking":{"id":"CVE-2026-43705","status":"final","version":"1","initial_release_date":"2026-06-29T19:42:54.457Z","current_release_date":"2026-06-30T03:55:38.904Z","revision_history":[{"date":"2026-06-29T19:42:54.457Z","number":"1","summary":"Initial machine-readable export from HarborGuard."}]},"distribution":{"tlp":{"label":"WHITE"},"text":"Public CVE data; freely redistributable."},"notes":[{"category":"description","text":"A type confusion issue was addressed with improved checks. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to memory corruption.","title":"CVE description"}],"references":[{"category":"self","summary":"CVE-2026-43705 on HarborGuard Database","url":"https://database.harborguard.co/cve/CVE-2026-43705"},{"category":"external","summary":"CVE Record","url":"https://www.cve.org/CVERecord?id=CVE-2026-43705"},{"category":"external","summary":"support.apple.com","url":"https://support.apple.com/en-us/127594"},{"category":"external","summary":"support.apple.com","url":"https://support.apple.com/en-us/127595"},{"category":"external","summary":"support.apple.com","url":"https://support.apple.com/en-us/127685"}]},"product_tree":{"branches":[{"category":"vendor","name":"Apple","branches":[{"category":"product_name","name":"Safari","branches":[{"category":"product_version_range","name":"<26.5.2","product":{"name":"Apple Safari <26.5.2","product_id":"CSAFPID-1","product_identification_helper":{"cpe":"cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Apple","branches":[{"category":"product_name","name":"iOS and iPadOS","branches":[{"category":"product_version_range","name":"<26.5.2","product":{"name":"Apple iOS and iPadOS <26.5.2","product_id":"CSAFPID-2","product_identification_helper":{"cpe":"cpe:2.3:a:apple:ios_and_ipados:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Apple","branches":[{"category":"product_name","name":"macOS","branches":[{"category":"product_version_range","name":"<26.5.2","product":{"name":"Apple macOS <26.5.2","product_id":"CSAFPID-3","product_identification_helper":{"cpe":"cpe:2.3:a:apple:macos:*:*:*:*:*:*:*:*"}}}]}]}]},"vulnerabilities":[{"cve":"CVE-2026-43705","title":"A type confusion issue was addressed with improved checks","notes":[{"category":"description","text":"A type confusion issue was addressed with improved checks. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to memory corruption.","title":"CVE description"}],"product_status":{"known_affected":["CSAFPID-1","CSAFPID-2","CSAFPID-3"]},"scores":[{"cvss_v3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH"},"products":["CSAFPID-1","CSAFPID-2","CSAFPID-3"]}],"remediations":[{"category":"vendor_fix","details":"Update to a fixed version: 26.5.2.","product_ids":["CSAFPID-1","CSAFPID-2","CSAFPID-3"]}]}]}