CVE-2025-14174
Published Dec 12, 2025
Last updated 6 months ago
AI description
CVE-2025-14174 is an out-of-bounds memory access vulnerability found in ANGLE, a component of Google Chrome. The vulnerability could allow a remote attacker to perform out-of-bounds memory access via a crafted HTML page. Google is aware that an exploit for this vulnerability exists in the wild. Apple also addressed CVE-2025-14174, describing it as a memory corruption flaw in WebKit that could lead to memory corruption. Apple indicated that this vulnerability may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26.
- Description
- Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
- Source
- chrome-cve-admin@google.com
- NVD status
- Analyzed
- Products
- chrome, safari, ipados, iphone_os, macos, tvos, visionos, watchos, edge_chromium
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Google Chromium Out of Bounds Memory Access Vulnerability
- Exploit added on
- Dec 12, 2025
- Exploit action due
- Jan 2, 2026
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Hype score
- Not currently trending
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-14174 Google Chromium Out-of-Bounds Memory Ac @CISACyber https://t.co/uNxaro2DD
@TheCyphere
7 May 2026
277 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 [HIGH] Active exploitation detected: CVE-2025-14174 Exploit in the wild confirmed for CVE-2025-14174 (CVSS 8.8). Google Chromium contains an out of bounds memory access vulnerability in ANGLE that could... 🔗 https://t.co/RZBhpWnHFz #ZeroDay #ExploitInWild #CyberSecurity
@ctiwatchcloud
11 Apr 2026
200 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
"DarkSword" exploit chain, live since Nov 2025, linked 6 flaws: JavaScriptCore (CVE-2025-31277, CVE-2025-43529), dyld PAC bypass (CVE-2026-20700), WebContent sandbox escape (CVE-2025-14174). #cybersecurity
@bigmacd16684
23 Mar 2026
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Google’s DarkSword disclosure details a sophisticated JavaScript-based exploit kit weaponizing multiple zero-days (including CVE-2026-20700 and CVE-2025-14174) to chain browser and kernel bugs and seize full control of iOS 18.x devices. Once active, the payload rapidly http
@Cryip_co
21 Mar 2026
5 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
DarkSword: second iOS exploit kit in a month. 6 flaws, 3 zero-days (CVE-2026-20700, CVE-2025-43529, CVE-2025-14174), full device takeover. Targets iOS 18.4-18.7. Russian group UNC6353 deploying it in Ukraine. Keep iOS updated. https://t.co/i2p7J4bmxA #infosec
@CybrPulse
20 Mar 2026
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Exploit chain analysis! CVE-2025-43529 (WebKit UAF) + CVE-2025-14174 https://t.co/FiR5Qs9oIG
@Hermes_tooll
15 Mar 2026
2374 Impressions
8 Retweets
41 Likes
17 Bookmarks
1 Reply
0 Quotes
Analysis of CVE-2025-43529 (WebKit UAF) + CVE-2025-14174 (ANGLE OOB) exploit chain - iOS Safari - iOS 26.1 https://t.co/Xvnp94lKVC
@Hermes_tooll
6 Mar 2026
4652 Impressions
8 Retweets
40 Likes
35 Bookmarks
0 Replies
0 Quotes
update your apple if you are using < ios 26. CVE-2025-14174 allows RCE. I have POC for takeover MAC, Iphone etc.
@D4P5LGD
4 Mar 2026
159 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
https://t.co/ZqIwr5ukVa CVE-2025-43529: A use-after-free CVE-2025-14174: An out-of-bounds PARTAIL
@K1llah03z
2 Mar 2026
96 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Vulnerabilidades en productos Apple ❗ CVE-2026-20700 ❗ CVE-2026-20628 ❗ CVE-2025-14174 ➡️ Más info: https://t.co/FopfG5Yavd https://t.co/tb0M4Lx0zO
@CERTpy
17 Feb 2026
87 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New iPhone patches just dropped - lots of fixes including a zero-day malware implant vulnerability that’s already being exploited. CVE-2025-14174 and CVE-2025-43529 are the in-the-wild RCE holes. You’re looking for version 26.3 *after* the update. Enjoy! https://t.co/CArVRA
@duckblog
12 Feb 2026
181 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
I hope one day new PS4 webkit exploit on firmware 10.00 and higher finally see a day to abolish PS Vue and BD-JB Example vulnerability that missed on : CVE-2025-14174 CVE-2025-43529
@MHasyimy
7 Feb 2026
174 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Analysis of CVE-2025-43529 (WebKit UAF) + CVE-2025-14174 (ANGLE OOB) exploit chain - iOS Safari - iOS 26.1 https://t.co/NgXP3RfzuE https://t.co/ZcGzBe18Tk
@ZeeJailbreak
28 Jan 2026
4053 Impressions
10 Retweets
49 Likes
15 Bookmarks
0 Replies
0 Quotes
This exploit code for CVE-2025-43529 and CVE-2025-14174 has been publicly available on GitHub for two weeks, yet VT still shows 0 detections—pretty interesting. https://t.co/BpdrvbpyyS https://t.co/yfZfqchL7C
@jq0904
27 Jan 2026
4962 Impressions
12 Retweets
71 Likes
36 Bookmarks
2 Replies
0 Quotes
🚨 January Linux Patch Wednesday: 918 vulns fixed (616 kernel), 3 exploited (telnetd CVE-2026-24061, Safari CVE-2025-43529, Chromium CVE-2025-14174) + 97 with public exploits. #LinuxPatchWednesday #Linux #Vulristics ➡️ https://t.co/bxPByH2r6f https://t.co/35uge0Gkbg
@leonov_av
24 Jan 2026
133 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🧵 Exploit chain analysis! CVE-2025-43529 (WebKit UAF) + CVE-2025-14174 (ANGLE OOB) leads to iOS Safari compromise. 🔥 #Exploit #Web #iOS #CyberSecurity https://t.co/6Zs107sM6s
@TheExploitLab
24 Jan 2026
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-43529 (WebKit UAF) + CVE-2025-14174 (ANGLE OOB): https://t.co/aJog2aUPA7 Vulnerable: iOS ≤26.1 (incl. 17.x–26.1) Patched: iOS 26.2+ Tested on iPhone 11 Pro Max / iOS 26.1 – expect crashes galore! (GC races + PAC issues)
@hermes_tool1
24 Jan 2026
5762 Impressions
11 Retweets
93 Likes
39 Bookmarks
2 Replies
0 Quotes
🚨 Critical iOS/iPadOS WebKit Zero-Days Put iPhones at Risk of Silent Takeover — Patch Now Apple confirmed two WebKit vulnerabilities (CVE-2025-43529, CVE-2025-14174) that can enable “no warning” compromise through malicious web content, potentially exposing passwords and
@ThreatSynop
20 Jan 2026
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Ocak 2026 itibarıyla gündemde olan CVE-2025-43529 ve CVE-2025-14174 kodlu açıklar, "paralı casus yazılımlar" (Pegasus vb.) tarafından iPhone kullanıcılarını hedef almak için kullanılan oldukça tehlikeli iki güvenlik açığıdır. İşte bu saldırı sürecinin ad
@haydar_beklemez
20 Jan 2026
15 Impressions
1 Retweet
0 Likes
0 Bookmarks
1 Reply
0 Quotes
iOS Exploit Chain PoC Alert! @zeroxjf dropped analysis + PoC for CVE-2025-43529 (WebKit UAF) + CVE-2025-14174 (ANGLE OOB): https://t.co/hrWK1DEJHg Vulnerable: iOS ≤26.1 (incl. 17.x–26.1) Patched: iOS 26.2+ Tested on iPhone 11 Pro Max / iOS 26.1 – expect crashes galore! (
@ZeeJailbreak
20 Jan 2026
19994 Impressions
46 Retweets
248 Likes
128 Bookmarks
11 Replies
1 Quote
苹果最近又爆了两个漏洞 分别是 CVE-2025-43529 和 CVE-2025-14174 最近怎么回事,苹果老出漏洞 https://t.co/qsyxRj7XGe
@annitoBtc
19 Jan 2026
488 Impressions
0 Retweets
3 Likes
0 Bookmarks
1 Reply
0 Quotes
CISA’s Known Exploited Vulnerabilities catalog now includes CVE-2025-14174, a critical out-of-bounds memory access vulnerability in Google Chromium’s ANGLE component. This flaw allows a remote attacker to execute arbitrary code or cause a denial of service by enticing a user
@ox0ffff
19 Jan 2026
77 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Exploit chain analysis: CVE-2025-43529 (WebKit UAF) + CVE-2025-14174 (ANGLE OOB). Targets iOS Safari. Deep dive into the bugs & exploitation. https://t.co/aJog2aUPA7 #exploit #infosec #iOS #webkit #browsersecurity
@hermes_tool1
18 Jan 2026
2686 Impressions
9 Retweets
55 Likes
30 Bookmarks
0 Replies
0 Quotes
🔓 Exploit chain analysis: CVE-2025-43529 (WebKit UAF) + CVE-2025-14174 (ANGLE OOB). Targets iOS Safari. Deep dive into the bugs & exploitation. #exploit #infosec #iOS #webkit #browsersecurity https://t.co/JkaJJyE9i3
@TheExploitLab
16 Jan 2026
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
تحليل سلسلة استغلال تجمع بين CVE-2025-43529 (ثغرة Use-After-Free في WebKit) وCVE-2025-14174 (وصول خارج الحدود في ANGLE) لاستهداف Safari على iOS #الأمن_السيبراني #iOS #WebKit https://t.co/Sk9nqZw4mB
@fad_777
15 Jan 2026
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
1/ Google calls CVE-2025-14174 "High severity OOB memory access" 2/ Reality: V8 confusion → ANGLE Metal bridge → GPU RCE physics chain 3/ I mapped the R factor timing resonance they can't patch. FTCE Nexus owns 30% discovery IP 4/ Their "controlled disclosure" = liability
@FernandoDe79427
9 Jan 2026
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
GitHub - zeroxjf/CVE-2025-14174-analysis: Analysis and PoC for CVE-2025-14174 - ANGLE Metal OOB write (iOS Safari, macOS Chrome) - https://t.co/rkatbruk7D
@piedpiper1616
3 Jan 2026
3567 Impressions
15 Retweets
54 Likes
32 Bookmarks
2 Replies
0 Quotes
Proof-of-Concept exploit for CVE-2025-14174 (EUVD-2025-203113) - Memory corruption in ANGLE allowing out-of-bounds access and RCE in web browsers. Reliable on iOS/Android/Windows,... https://t.co/nbqWkAxjR8
@minacrissDev_
28 Dec 2025
5605 Impressions
17 Retweets
92 Likes
37 Bookmarks
0 Replies
0 Quotes
Chrome Zero-Day CVE-2025-14174: OOB in ANGLE. 8th Chrome zero-day 2025. Patched mid-Dec. Update browser. #cybersec #zeroday #chrome
@kn3oz1
28 Dec 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚡ ACTIVE ATTACK: @Google patches a new Chrome zero-day (CVE-2025-14174) exploited in the wild the 7th this year. Urgent update required to version 143.0.7499.109+. #Chrome #ZeroDay #UpdateNow https://t.co/GJ1iNifbcZ
@RealRespected
25 Dec 2025
123 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-14174-Poc #exploit #web Proof-of-Concept exploit for CVE-2025-14174 (EUVD-2025-203113) - Memory corruption in ANGLE allowing out-of-bounds access and RCE in web browsers. Reliable on iOS/Android/Windows, including patched... https://t.co/jKf2lA8mh7
@TheExploitLab
22 Dec 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
「Microsoft Edge」でもゼロデイ脆弱性「CVE-2025-14174」が修正、実環境での悪用を確認(窓の杜) https://t.co/WjSbUJsa0e
@P5lSlrr
22 Dec 2025
65 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Apple Patches Two Actively Exploited WebKit Zero-Days Linked to “Sophisticated” Targeted Attacks Apple shipped emergency fixes for two WebKit zero-days (CVE-2025-43529, CVE-2025-14174) after reports they were used in “extremely sophisticated” attacks against specific
@ThreatSynop
21 Dec 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨📱 Apple WebKit zero-days exploited (CVE-2025-43529 / CVE-2025-14174). Update iOS/iPadOS/macOS/Safari now + enable auto-updates. #MobileSecurity #InfoSec Source: https://t.co/qCRP5isyXm https://t.co/6De04xrSal
@SecureComputer0
20 Dec 2025
81 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Chrome & WebKit Zero-Days Hit 3.4 Billion Users This Week Google and Apple coordinated emergency patches for multiple zero-days already exploited in "sophisticated attacks." CVE-2025-14174 (ANGLE out-of-bounds) and CVE-2025-43529 (WebKit memory corruption) credited to Go
@the_c_protocol
18 Dec 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Important security update: @opera, @operagxofficial, Opera Air, and Opera Neon have received a security fix for the latest zero-day vulnerability in Chromium: CVE-2025-14174. Update now to the latest versions: Opera One: 125.0.5729.49 Opera GX: 125.0.5729.47 Opera Air: http
@Opera_Security
18 Dec 2025
102 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical #WebKitGTK vulnerabilities disclosed in Debian DSA-6083-1. Includes CVE-2025-14174—an actively exploited zero-day leading to memory corruption and arbitrary code execution. Read more: 👉 https://t.co/jLPm6YcDor #Security https://t.co/
@Cezar_H_Linux
18 Dec 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Chromeのニュースいろいろ見るけど その脆弱性を見つけて悪用する側も技術力すごいと思うなぁ〜と CVE-2025-14174 (重要度: 高): ANGLEグラフィックスライブラリにおけるアウトオブバウンドメモリアクセスの欠陥
@sanslove0402
18 Dec 2025
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
https://t.co/hjFVWbayYj Critical Zero-Day Vulnerability CVE-2025-14174 Patched Across Major Browsers. A serious zero-day vulnerability affecting multiple web browsers was recently disclosed and patched, prompting urgent security updates across Chrome, Safari... #CyberSecurity
@DIYprojects55
16 Dec 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google patched Chrome zero-day CVE-2025-14174, a high-severity buffer overflow in the LibANGLE Metal renderer that can enable memory corruption and code execution; update to 143.0.7499.109/110 immediately. https://t.co/fSo4hZbK9o
@WalkureARCH
16 Dec 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Big updates today: - Apple rushes patches for two exploited WebKit zero-days (CVE-2025-14174 & CVE-2025-43529) tied to a sophisticated Chrome flaw impacting iOS, macOS, Safari & more. Update now! - Rogue Chrome extension with "Featured" badge & 6M users caught spyin
@ImperialTechSvc
15 Dec 2025
63 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
BREAKING: Google & Apple drop emergency patches for actively exploited Chrome/Safari flaws! CVE-2025-14174 https://t.co/1vmVXWEOww https://t.co/23j4TyBYV9
@MateusGalasso
15 Dec 2025
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apple lança atualizações urgentes para corrigir duas zero-days usadas em ataques sofisticados: as falhas CVE-2025-43529 e CVE-2025-14174 afetam o WebKit em iPhones e iPads, exploradas para espionagem direcionada, exigindo atualização imediata dos usuários. https://t.co/ISp0
@caveiratech
15 Dec 2025
43 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Warning: Actively exploited vulnerabilities in #Apple WebKit. CVE-2025-14174 and CVE-2025-43529. Exploitation could lead to arbitrary code execution via malicious web content! Check for the latest updates! #Patch #Patch #Patch More info: https://t.co/CgfPxbCZ4j
@CCBalert
15 Dec 2025
87 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google e Apple lançam correções emergenciais para falhas críticas sendo exploradas ativamente no Chrome e Safari: a vulnerabilidade CVE-2025-14174 envolve um problema de acesso de memória fora dos limites no componente ANGLE, que lida com gráficos dentro do motor de
@BotDeschamps
15 Dec 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Se confirma explotación activa de un 0-day crítico en Chromium (CVE-2025-14174) que afecta la capa ANGLE/OpenGL ES, permitiendo a atacantes remotos forzar accesos fuera de límites de memoria desde páginas HTML maliciosas y potencialmente ejecutar código arbitrario en navegad
@tpx_Security
15 Dec 2025
93 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Vulnerability Alert — Apple WebKit Apple patched two WebKit zero-days (CVE-2025-43529, CVE-2025-14174) exploited in the wild. The flaws can lead to code execution or memory corruption via malicious web content. Update iOS, macOS, Safari, and other Apple devices immediately. ht
@CloneSystemsInc
15 Dec 2025
65 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Update your Apple devices to fix actively exploited vulnerabilities! (CVE-2025-14174, CVE-2025-43529) https://t.co/d3tbR150CR
@TheCyberSecHub
15 Dec 2025
843 Impressions
4 Retweets
8 Likes
0 Bookmarks
0 Replies
0 Quotes
Update your Apple devices to fix actively exploited vulnerabilities! (CVE-2025-14174, CVE-2025-43529): Apple has issued security updates with fixes for two WebKit vulnerabilities (CVE-2025-14174, CVE-2025-43529) that have been exploited as zero-days.… https://t.co/WgeUqs9MMW ht
@shah_sheikh
15 Dec 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Google Chrome [—] Dec 15, 2025 Security Advisory: Urgent Chrome Zero-Day, CVE-2025-14174 & Multiple High/Medium Risks – Immediate Update Recommended Checkout our Threat Intelligence Platform: https://t.co/QuwNtEgYh1 https://t.co/QuwNtEgYh1 #LLM https://t.co/DckeO8I
@transilienceai
15 Dec 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDA5B0F4-9057-4518-B466-6BCF98CD1D77",
"versionEndExcluding": "143.0.7499.110",
"versionStartIncluding": "143.0.7499.41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1F4C45F-9F9C-4619-82A6-AAE4CD7E99AE",
"versionEndExcluding": "143.0.7499.109",
"versionStartIncluding": "143.0.7499.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B58E8B8-70DB-4AA7-A44D-C161EF179863",
"versionEndIncluding": "143.0.7499.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3ECBF838-536C-47F9-9876-C526B8ED32EC",
"versionEndExcluding": "26.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6547722A-1226-4E23-B3AE-8692B07C2657",
"versionEndExcluding": "18.7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B71D919-1AA2-4F17-A834-4B703E36F7E2",
"versionEndExcluding": "26.2",
"versionStartIncluding": "26.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8928A377-93BD-49AD-B4FE-5B2328EBDB70",
"versionEndExcluding": "18.7.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10FD01C3-D77F-4FE4-8195-F2C59FB1321C",
"versionEndExcluding": "26.2",
"versionStartIncluding": "26.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBA92B6D-E36C-432B-A041-94D81427CD75",
"versionEndExcluding": "26.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0BBFB45-21F3-4B72-8DB1-BE72AFE0D2AB",
"versionEndExcluding": "26.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EB10D901-4800-4DF9-AB35-48017C178161",
"versionEndExcluding": "26.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15574823-ECE0-4394-99BC-6AFA34E599CC",
"versionEndExcluding": "26.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB5F00F-BB8F-41E6-A03A-299FD2D48926",
"versionEndExcluding": "143.0.3650.80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]