A vulnerability was found in Apple Safari, iOS, iPadOS and macOS up to 26.5.1. It has been classified as critical. This impacts an unknown function of the component Web Handler. Performing a manipulation results in out-of-bounds write.

This vulnerability is reported as CVE-2026-43745. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is recommended.