Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Safari and iOS Websites May Crash or Be Hijacked
CVE-2026-28871
Summary
Some websites can cause Safari and iOS devices to crash or be taken over by malicious code. Apple has fixed this issue in updated versions of Safari, iOS, and iPadOS. Make sure your devices are up to date to stay protected.
Original title
A logic issue was addressed with improved checks. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4. Visiting a maliciously crafted websit...
Original description
A logic issue was addressed with improved checks. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4. Visiting a maliciously crafted website may lead to a cross-site scripting attack.
Published: 25 Mar 2026 · Updated: 25 Mar 2026 · First seen: 25 Mar 2026