{"document":{"category":"csaf_vex","csaf_version":"2.0","title":"CVE-2026-43731: A use-after-free issue was addressed with improved memory management","publisher":{"category":"vendor","name":"HarborGuard Database","namespace":"https://database.harborguard.co"},"tracking":{"id":"CVE-2026-43731","status":"final","version":"1","initial_release_date":"2026-06-29T19:43:00.659Z","current_release_date":"2026-06-30T03:55:40.313Z","revision_history":[{"date":"2026-06-29T19:43:00.659Z","number":"1","summary":"Initial machine-readable export from HarborGuard."}]},"distribution":{"tlp":{"label":"WHITE"},"text":"Public CVE data; freely redistributable."},"notes":[{"category":"description","text":"A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to memory corruption.","title":"CVE description"}],"references":[{"category":"self","summary":"CVE-2026-43731 on HarborGuard Database","url":"https://database.harborguard.co/cve/CVE-2026-43731"},{"category":"external","summary":"CVE Record","url":"https://www.cve.org/CVERecord?id=CVE-2026-43731"},{"category":"external","summary":"support.apple.com","url":"https://support.apple.com/en-us/127594"},{"category":"external","summary":"support.apple.com","url":"https://support.apple.com/en-us/127595"},{"category":"external","summary":"support.apple.com","url":"https://support.apple.com/en-us/127685"}]},"product_tree":{"branches":[{"category":"vendor","name":"Apple","branches":[{"category":"product_name","name":"Safari","branches":[{"category":"product_version_range","name":"<26.5.2","product":{"name":"Apple Safari <26.5.2","product_id":"CSAFPID-1","product_identification_helper":{"cpe":"cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Apple","branches":[{"category":"product_name","name":"iOS and iPadOS","branches":[{"category":"product_version_range","name":"<26.5.2","product":{"name":"Apple iOS and iPadOS <26.5.2","product_id":"CSAFPID-2","product_identification_helper":{"cpe":"cpe:2.3:a:apple:ios_and_ipados:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Apple","branches":[{"category":"product_name","name":"macOS","branches":[{"category":"product_version_range","name":"<26.5.2","product":{"name":"Apple macOS <26.5.2","product_id":"CSAFPID-3","product_identification_helper":{"cpe":"cpe:2.3:a:apple:macos:*:*:*:*:*:*:*:*"}}}]}]}]},"vulnerabilities":[{"cve":"CVE-2026-43731","title":"A use-after-free issue was addressed with improved memory management","notes":[{"category":"description","text":"A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to memory corruption.","title":"CVE description"}],"product_status":{"known_affected":["CSAFPID-1","CSAFPID-2","CSAFPID-3"]},"scores":[{"cvss_v3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH"},"products":["CSAFPID-1","CSAFPID-2","CSAFPID-3"]}],"remediations":[{"category":"vendor_fix","details":"Update to a fixed version: 26.5.2.","product_ids":["CSAFPID-1","CSAFPID-2","CSAFPID-3"]}]}]}