CVE-2025-43449

State: PUBLISHED · Published: 2025-11-04 · Updated: 2026-04-02 · Assigner: apple

Description

The issue was addressed with improved handling of caches. This issue is fixed in iOS 26.1 and iPadOS 26.1. A malicious app may be able to track users between installs.

CWE

CWE-200 — CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

Affected

Apple / iOS and iPadOS — v=0 <26.1 [affected]

CVSS

(none)

References

https://support.apple.com/en-us/125632

Source

cvelistV5-main/cves/2025/43xxx/CVE-2025-43449.json