- Description
- An inconsistent user interface issue was addressed with improved state management. This issue is fixed in watchOS 26.1, macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, visionOS 26.1. Visiting a malicious website may lead to user interface spoofing.
- Source
- product-security@apple.com
- NVD status
- Modified
- Products
- safari, ipados, iphone_os, visionos, watchos
CVSS 3.1
- Type
- Secondary
- Base score
- 4.3
- Impact score
- 1.4
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
- Severity
- MEDIUM
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-290
- Hype score
- Not currently trending
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF118CE-3F13-43BE-B250-5579E1C842EB",
"versionEndExcluding": "26.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D51AEDC-9086-4010-B3BF-C652D65D09C8",
"versionEndExcluding": "26.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3981A7BE-BC98-4C6F-AE38-D68839368925",
"versionEndExcluding": "26.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7DFD3616-65CA-4E5C-849C-3C20ACBCB610",
"versionEndExcluding": "26.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9D7F76-13FB-407C-94E5-221B93021568",
"versionEndExcluding": "26.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]