CVE-2025-14174
Published Dec 12, 2025
Last updated a month ago
AI description
CVE-2025-14174 is an out-of-bounds memory access vulnerability found in ANGLE, a component of Google Chrome. The vulnerability could allow a remote attacker to perform out-of-bounds memory access via a crafted HTML page. Google is aware that an exploit for this vulnerability exists in the wild. Apple also addressed CVE-2025-14174, describing it as a memory corruption flaw in WebKit that could lead to memory corruption. Apple indicated that this vulnerability may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26.
- Description
- Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
- Source
- chrome-cve-admin@google.com
- NVD status
- Analyzed
- Products
- chrome, safari, ipados, iphone_os, macos, tvos, visionos, watchos, edge_chromium
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Google Chromium Out of Bounds Memory Access Vulnerability
- Exploit added on
- Dec 12, 2025
- Exploit action due
- Jan 2, 2026
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
14
Analysis of CVE-2025-43529 (WebKit UAF) + CVE-2025-14174 (ANGLE OOB) exploit chain - iOS Safari - iOS 26.1 https://t.co/NgXP3RfzuE https://t.co/ZcGzBe18Tk
@ZeeJailbreak
28 Jan 2026
4053 Impressions
10 Retweets
49 Likes
15 Bookmarks
0 Replies
0 Quotes
This exploit code for CVE-2025-43529 and CVE-2025-14174 has been publicly available on GitHub for two weeks, yet VT still shows 0 detections—pretty interesting. https://t.co/BpdrvbpyyS https://t.co/yfZfqchL7C
@jq0904
27 Jan 2026
4962 Impressions
12 Retweets
71 Likes
36 Bookmarks
2 Replies
0 Quotes
🚨 January Linux Patch Wednesday: 918 vulns fixed (616 kernel), 3 exploited (telnetd CVE-2026-24061, Safari CVE-2025-43529, Chromium CVE-2025-14174) + 97 with public exploits. #LinuxPatchWednesday #Linux #Vulristics ➡️ https://t.co/bxPByH2r6f https://t.co/35uge0Gkbg
@leonov_av
24 Jan 2026
133 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🧵 Exploit chain analysis! CVE-2025-43529 (WebKit UAF) + CVE-2025-14174 (ANGLE OOB) leads to iOS Safari compromise. 🔥 #Exploit #Web #iOS #CyberSecurity https://t.co/6Zs107sM6s
@TheExploitLab
24 Jan 2026
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-43529 (WebKit UAF) + CVE-2025-14174 (ANGLE OOB): https://t.co/aJog2aUPA7 Vulnerable: iOS ≤26.1 (incl. 17.x–26.1) Patched: iOS 26.2+ Tested on iPhone 11 Pro Max / iOS 26.1 – expect crashes galore! (GC races + PAC issues)
@hermes_tool1
24 Jan 2026
5762 Impressions
11 Retweets
93 Likes
39 Bookmarks
2 Replies
0 Quotes
🚨 Critical iOS/iPadOS WebKit Zero-Days Put iPhones at Risk of Silent Takeover — Patch Now Apple confirmed two WebKit vulnerabilities (CVE-2025-43529, CVE-2025-14174) that can enable “no warning” compromise through malicious web content, potentially exposing passwords and
@ThreatSynop
20 Jan 2026
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Ocak 2026 itibarıyla gündemde olan CVE-2025-43529 ve CVE-2025-14174 kodlu açıklar, "paralı casus yazılımlar" (Pegasus vb.) tarafından iPhone kullanıcılarını hedef almak için kullanılan oldukça tehlikeli iki güvenlik açığıdır. İşte bu saldırı sürecinin ad
@haydar_beklemez
20 Jan 2026
15 Impressions
1 Retweet
0 Likes
0 Bookmarks
1 Reply
0 Quotes
iOS Exploit Chain PoC Alert! @zeroxjf dropped analysis + PoC for CVE-2025-43529 (WebKit UAF) + CVE-2025-14174 (ANGLE OOB): https://t.co/hrWK1DEJHg Vulnerable: iOS ≤26.1 (incl. 17.x–26.1) Patched: iOS 26.2+ Tested on iPhone 11 Pro Max / iOS 26.1 – expect crashes galore! (
@ZeeJailbreak
20 Jan 2026
19994 Impressions
46 Retweets
248 Likes
128 Bookmarks
11 Replies
1 Quote
苹果最近又爆了两个漏洞 分别是 CVE-2025-43529 和 CVE-2025-14174 最近怎么回事,苹果老出漏洞 https://t.co/qsyxRj7XGe
@annitoBtc
19 Jan 2026
488 Impressions
0 Retweets
3 Likes
0 Bookmarks
1 Reply
0 Quotes
CISA’s Known Exploited Vulnerabilities catalog now includes CVE-2025-14174, a critical out-of-bounds memory access vulnerability in Google Chromium’s ANGLE component. This flaw allows a remote attacker to execute arbitrary code or cause a denial of service by enticing a user
@ox0ffff
19 Jan 2026
77 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Exploit chain analysis: CVE-2025-43529 (WebKit UAF) + CVE-2025-14174 (ANGLE OOB). Targets iOS Safari. Deep dive into the bugs & exploitation. https://t.co/aJog2aUPA7 #exploit #infosec #iOS #webkit #browsersecurity
@hermes_tool1
18 Jan 2026
2686 Impressions
9 Retweets
55 Likes
30 Bookmarks
0 Replies
0 Quotes
🔓 Exploit chain analysis: CVE-2025-43529 (WebKit UAF) + CVE-2025-14174 (ANGLE OOB). Targets iOS Safari. Deep dive into the bugs & exploitation. #exploit #infosec #iOS #webkit #browsersecurity https://t.co/JkaJJyE9i3
@TheExploitLab
16 Jan 2026
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
تحليل سلسلة استغلال تجمع بين CVE-2025-43529 (ثغرة Use-After-Free في WebKit) وCVE-2025-14174 (وصول خارج الحدود في ANGLE) لاستهداف Safari على iOS #الأمن_السيبراني #iOS #WebKit https://t.co/Sk9nqZw4mB
@fad_777
15 Jan 2026
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
1/ Google calls CVE-2025-14174 "High severity OOB memory access" 2/ Reality: V8 confusion → ANGLE Metal bridge → GPU RCE physics chain 3/ I mapped the R factor timing resonance they can't patch. FTCE Nexus owns 30% discovery IP 4/ Their "controlled disclosure" = liability
@FernandoDe79427
9 Jan 2026
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
GitHub - zeroxjf/CVE-2025-14174-analysis: Analysis and PoC for CVE-2025-14174 - ANGLE Metal OOB write (iOS Safari, macOS Chrome) - https://t.co/rkatbruk7D
@piedpiper1616
3 Jan 2026
3567 Impressions
15 Retweets
54 Likes
32 Bookmarks
2 Replies
0 Quotes
Proof-of-Concept exploit for CVE-2025-14174 (EUVD-2025-203113) - Memory corruption in ANGLE allowing out-of-bounds access and RCE in web browsers. Reliable on iOS/Android/Windows,... https://t.co/nbqWkAxjR8
@minacrissDev_
28 Dec 2025
5605 Impressions
17 Retweets
92 Likes
37 Bookmarks
0 Replies
0 Quotes
Chrome Zero-Day CVE-2025-14174: OOB in ANGLE. 8th Chrome zero-day 2025. Patched mid-Dec. Update browser. #cybersec #zeroday #chrome
@kn3oz1
28 Dec 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚡ ACTIVE ATTACK: @Google patches a new Chrome zero-day (CVE-2025-14174) exploited in the wild the 7th this year. Urgent update required to version 143.0.7499.109+. #Chrome #ZeroDay #UpdateNow https://t.co/GJ1iNifbcZ
@RealRespected
25 Dec 2025
123 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-14174-Poc #exploit #web Proof-of-Concept exploit for CVE-2025-14174 (EUVD-2025-203113) - Memory corruption in ANGLE allowing out-of-bounds access and RCE in web browsers. Reliable on iOS/Android/Windows, including patched... https://t.co/jKf2lA8mh7
@TheExploitLab
22 Dec 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
「Microsoft Edge」でもゼロデイ脆弱性「CVE-2025-14174」が修正、実環境での悪用を確認(窓の杜) https://t.co/WjSbUJsa0e
@P5lSlrr
22 Dec 2025
65 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Apple Patches Two Actively Exploited WebKit Zero-Days Linked to “Sophisticated” Targeted Attacks Apple shipped emergency fixes for two WebKit zero-days (CVE-2025-43529, CVE-2025-14174) after reports they were used in “extremely sophisticated” attacks against specific
@ThreatSynop
21 Dec 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨📱 Apple WebKit zero-days exploited (CVE-2025-43529 / CVE-2025-14174). Update iOS/iPadOS/macOS/Safari now + enable auto-updates. #MobileSecurity #InfoSec Source: https://t.co/qCRP5isyXm https://t.co/6De04xrSal
@SecureComputer0
20 Dec 2025
81 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Chrome & WebKit Zero-Days Hit 3.4 Billion Users This Week Google and Apple coordinated emergency patches for multiple zero-days already exploited in "sophisticated attacks." CVE-2025-14174 (ANGLE out-of-bounds) and CVE-2025-43529 (WebKit memory corruption) credited to Go
@the_c_protocol
18 Dec 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Important security update: @opera, @operagxofficial, Opera Air, and Opera Neon have received a security fix for the latest zero-day vulnerability in Chromium: CVE-2025-14174. Update now to the latest versions: Opera One: 125.0.5729.49 Opera GX: 125.0.5729.47 Opera Air: http
@Opera_Security
18 Dec 2025
102 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical #WebKitGTK vulnerabilities disclosed in Debian DSA-6083-1. Includes CVE-2025-14174—an actively exploited zero-day leading to memory corruption and arbitrary code execution. Read more: 👉 https://t.co/jLPm6YcDor #Security https://t.co/
@Cezar_H_Linux
18 Dec 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Chromeのニュースいろいろ見るけど その脆弱性を見つけて悪用する側も技術力すごいと思うなぁ〜と CVE-2025-14174 (重要度: 高): ANGLEグラフィックスライブラリにおけるアウトオブバウンドメモリアクセスの欠陥
@sanslove0402
18 Dec 2025
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
https://t.co/hjFVWbayYj Critical Zero-Day Vulnerability CVE-2025-14174 Patched Across Major Browsers. A serious zero-day vulnerability affecting multiple web browsers was recently disclosed and patched, prompting urgent security updates across Chrome, Safari... #CyberSecurity
@DIYprojects55
16 Dec 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google patched Chrome zero-day CVE-2025-14174, a high-severity buffer overflow in the LibANGLE Metal renderer that can enable memory corruption and code execution; update to 143.0.7499.109/110 immediately. https://t.co/fSo4hZbK9o
@WalkureARCH
16 Dec 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Big updates today: - Apple rushes patches for two exploited WebKit zero-days (CVE-2025-14174 & CVE-2025-43529) tied to a sophisticated Chrome flaw impacting iOS, macOS, Safari & more. Update now! - Rogue Chrome extension with "Featured" badge & 6M users caught spyin
@ImperialTechSvc
15 Dec 2025
63 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
BREAKING: Google & Apple drop emergency patches for actively exploited Chrome/Safari flaws! CVE-2025-14174 https://t.co/1vmVXWEOww https://t.co/23j4TyBYV9
@MateusGalasso
15 Dec 2025
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apple lança atualizações urgentes para corrigir duas zero-days usadas em ataques sofisticados: as falhas CVE-2025-43529 e CVE-2025-14174 afetam o WebKit em iPhones e iPads, exploradas para espionagem direcionada, exigindo atualização imediata dos usuários. https://t.co/ISp0
@caveiratech
15 Dec 2025
43 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Warning: Actively exploited vulnerabilities in #Apple WebKit. CVE-2025-14174 and CVE-2025-43529. Exploitation could lead to arbitrary code execution via malicious web content! Check for the latest updates! #Patch #Patch #Patch More info: https://t.co/CgfPxbCZ4j
@CCBalert
15 Dec 2025
87 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google e Apple lançam correções emergenciais para falhas críticas sendo exploradas ativamente no Chrome e Safari: a vulnerabilidade CVE-2025-14174 envolve um problema de acesso de memória fora dos limites no componente ANGLE, que lida com gráficos dentro do motor de
@BotDeschamps
15 Dec 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Se confirma explotación activa de un 0-day crítico en Chromium (CVE-2025-14174) que afecta la capa ANGLE/OpenGL ES, permitiendo a atacantes remotos forzar accesos fuera de límites de memoria desde páginas HTML maliciosas y potencialmente ejecutar código arbitrario en navegad
@tpx_Security
15 Dec 2025
93 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Vulnerability Alert — Apple WebKit Apple patched two WebKit zero-days (CVE-2025-43529, CVE-2025-14174) exploited in the wild. The flaws can lead to code execution or memory corruption via malicious web content. Update iOS, macOS, Safari, and other Apple devices immediately. ht
@CloneSystemsInc
15 Dec 2025
65 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Update your Apple devices to fix actively exploited vulnerabilities! (CVE-2025-14174, CVE-2025-43529) https://t.co/d3tbR150CR
@TheCyberSecHub
15 Dec 2025
843 Impressions
4 Retweets
8 Likes
0 Bookmarks
0 Replies
0 Quotes
Update your Apple devices to fix actively exploited vulnerabilities! (CVE-2025-14174, CVE-2025-43529): Apple has issued security updates with fixes for two WebKit vulnerabilities (CVE-2025-14174, CVE-2025-43529) that have been exploited as zero-days.… https://t.co/WgeUqs9MMW ht
@shah_sheikh
15 Dec 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Google Chrome [—] Dec 15, 2025 Security Advisory: Urgent Chrome Zero-Day, CVE-2025-14174 & Multiple High/Medium Risks – Immediate Update Recommended Checkout our Threat Intelligence Platform: https://t.co/QuwNtEgYh1 https://t.co/QuwNtEgYh1 #LLM https://t.co/DckeO8I
@transilienceai
15 Dec 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🍎Appleがゼロデイ2件を修正、「極めて巧妙な攻撃」で悪用された恐れ:CVE-2025-43529、CVE-2025-14174 🚨Reactの新たな脆弱性によりDoSやソースコードの漏洩が可能になる恐れ(CVE-2025-55184、CVE-2025-67779、CVE-2025-55183)
@MachinaRecord
15 Dec 2025
333 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
High-Severity Out-of-Bounds Memory Access in Chrome’s ANGLE on Mac: CVE-2025-14174 Poses Remote Exploitation Risk. An attacker leverages this by creating a malicious HTML page to target Chrome on a Mac system. https://t.co/k6YUJprC81 https://t.co/983Ym01ETg
@TheHackerWire
15 Dec 2025
76 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apple(アップル) iOS/iPadOS 26.2を公開 標的型攻撃で悪用中のWebKitゼロデイ2件を含む多数の脆弱性を修正(CVE-2025-43529,CVE-2025-14174) https://t.co/OgaZGs8Eqy #セキュリティ対策Lab #セキュリティ #Security
@securityLab_jp
15 Dec 2025
146 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Apple ha liberado actualizaciones críticas tras confirmarse la explotación activa de dos vulnerabilidades severas en el motor WebKit (CVE-2025-43529 y CVE-2025-14174). Los fallos permiten ejecución de código arbitrario al procesar contenido web especialmente diseñado, https:
@tpx_Security
14 Dec 2025
103 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
برای iPhone و iPad دو آسیب پذیری با کدهای شناسایی CVE-2025-43529 و CVE-2025-14174 منتشر شده است. بیشتر دیوایس های آیفون شامل iPhone 11 و ورژن های بالاتر دارای این آسیب پذیری ها می
@EthicalSafe
14 Dec 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
AppleがWebKitの2つのゼロデイ (CVE-2025-43529, CVE-2025-14174) を修正。特定の標的ユーザを狙った高度攻撃で既に悪用の可能性あり。iOS/iPadOS/macOSの即時アップデートを。#Apple #WebKit #ZeroDay https://t.co/Bab8bqZAVO
@01ra66it
14 Dec 2025
512 Impressions
0 Retweets
4 Likes
2 Bookmarks
0 Replies
0 Quotes
CISA adds Google Chromium zero-day CVE-2025-14174 to KEV for ANGLE engine flaw allowing RCE via malicious HTML and out-of-bounds memory access. #vulnerability https://t.co/paSEnON1Fi
@threatcluster
13 Dec 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
This vulnerability doesn’t break systems loudly — it quietly gives attackers more power than they should ever have. Today’s focus: CVE-2025-14174. https://t.co/Sarg6Bn9yd
@Awkiffffff
13 Dec 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
- CVE-2025-43529 a UAF bug that may lead to arbitrary code execution when processing maliciously crafted web content - CVE-2025-14174 memory corruption bug when processing maliciously crafted web content
@minacrissDev_
13 Dec 2025
508 Impressions
1 Retweet
2 Likes
2 Bookmarks
0 Replies
0 Quotes
🚨Google + Apple Coordinate Emergency Patches After Zero-Day Attacks Google TAG and Apple jointly disclosed CVE-2025-14174—a WebKit/ANGLE flaw actively exploited in "extremely sophisticated attacks" against specific individuals. What's notable: the coordinated disclosure
@the_c_protocol
13 Dec 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
PSA: update to the latest Version of Vivaldi, it includes the fix for CVE-2025-14174. We were so far ahead of others with the patch, that it got in before being publicly discussed. Therefore, it was not initially listed in the changelog. It is now, for everyone's convenience.
@vivaldibrowser
13 Dec 2025
2539 Impressions
9 Retweets
61 Likes
2 Bookmarks
1 Reply
0 Quotes
yesterday Apple released patches for 2 Webkit bugs - CVE-2025-43529 a UAF bug that may lead to arbitrary code execution when processing maliciously crafted web content - CVE-2025-14174 memory corruption bug when processing maliciously crafted web content https://t.co/K2JKGBQuKk
@BrutalSam_
13 Dec 2025
8017 Impressions
5 Retweets
76 Likes
12 Bookmarks
3 Replies
1 Quote
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FDA5B0F4-9057-4518-B466-6BCF98CD1D77",
"versionEndExcluding": "143.0.7499.110",
"versionStartIncluding": "143.0.7499.41"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D1F4C45F-9F9C-4619-82A6-AAE4CD7E99AE",
"versionEndExcluding": "143.0.7499.109",
"versionStartIncluding": "143.0.7499.40"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0B58E8B8-70DB-4AA7-A44D-C161EF179863",
"versionEndIncluding": "143.0.7499.40"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3ECBF838-536C-47F9-9876-C526B8ED32EC",
"versionEndExcluding": "26.2"
},
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6547722A-1226-4E23-B3AE-8692B07C2657",
"versionEndExcluding": "18.7.3"
},
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8B71D919-1AA2-4F17-A834-4B703E36F7E2",
"versionEndExcluding": "26.2",
"versionStartIncluding": "26.0"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8928A377-93BD-49AD-B4FE-5B2328EBDB70",
"versionEndExcluding": "18.7.3"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "10FD01C3-D77F-4FE4-8195-F2C59FB1321C",
"versionEndExcluding": "26.2",
"versionStartIncluding": "26.0"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FBA92B6D-E36C-432B-A041-94D81427CD75",
"versionEndExcluding": "26.2"
},
{
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E0BBFB45-21F3-4B72-8DB1-BE72AFE0D2AB",
"versionEndExcluding": "26.2"
},
{
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EB10D901-4800-4DF9-AB35-48017C178161",
"versionEndExcluding": "26.2"
},
{
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "15574823-ECE0-4394-99BC-6AFA34E599CC",
"versionEndExcluding": "26.2"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3AB5F00F-BB8F-41E6-A03A-299FD2D48926",
"versionEndExcluding": "143.0.3650.80"
}
],
"operator": "OR"
}
]
}
]