{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-20643", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2025-11-11T14:43:07.862Z", "datePublished": "2026-03-17T22:29:48.227Z", "dateUpdated": "2026-03-25T00:32:25.668Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "Processing maliciously crafted web content may bypass Same Origin Policy"}]}], "affected": [{"vendor": "Apple", "product": "Safari", "versions": [{"version": "0", "status": "affected", "lessThan": "26.4", "versionType": "custom"}]}, {"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"version": "0", "status": "affected", "lessThan": "18.7.7", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThan": "26.3.1 (a)", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThan": "26.4", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"version": "0", "status": "affected", "lessThan": "26.3.1 (a)", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThan": "26.3.2 (a)", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThan": "26.4", "versionType": "custom"}]}, {"vendor": "Apple", "product": "visionOS", "versions": [{"version": "0", "status": "affected", "lessThan": "26.4", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS, iPadOS, and macOS, Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may bypass Same Origin Policy."}], "references": [{"url": "https://support.apple.com/en-us/126604"}, {"url": "https://support.apple.com/en-us/126792"}, {"url": "https://support.apple.com/en-us/126793"}, {"url": "https://support.apple.com/en-us/126794"}, {"url": "https://support.apple.com/en-us/126799"}, {"url": "https://support.apple.com/en-us/126800"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-03-25T00:32:25.668Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-20", "lang": "en", "description": "CWE-20 Improper Input Validation"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-346", "lang": "en", "description": "CWE-346 Origin Validation Error"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-18T13:14:53.546083Z", "id": "CVE-2026-20643", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-18T13:14:56.139Z"}}, {"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2026/Mar/10"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-03-19T16:18:46.731Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2026/Mar/10"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2026-03-19T16:18:46.731Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-20643", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-18T13:14:53.546083Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-346", "description": "CWE-346 Origin Validation Error"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-18T13:14:49.567Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "Safari", "versions": [{"status": "affected", "version": "0", "lessThan": "26.4", "versionType": "custom"}]}, {"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"status": "affected", "version": "0", "lessThan": "18.7.7", "versionType": "custom"}, {"status": "affected", "version": "0", "lessThan": "26.3.1 (a)", "versionType": "custom"}, {"status": "affected", "version": "0", "lessThan": "26.4", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "0", "lessThan": "26.3.1 (a)", "versionType": "custom"}, {"status": "affected", "version": "0", "lessThan": "26.3.2 (a)", "versionType": "custom"}, {"status": "affected", "version": "0", "lessThan": "26.4", "versionType": "custom"}]}, {"vendor": "Apple", "product": "visionOS", "versions": [{"status": "affected", "version": "0", "lessThan": "26.4", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/126604"}, {"url": "https://support.apple.com/en-us/126792"}, {"url": "https://support.apple.com/en-us/126793"}, {"url": "https://support.apple.com/en-us/126794"}, {"url": "https://support.apple.com/en-us/126799"}, {"url": "https://support.apple.com/en-us/126800"}], "descriptions": [{"lang": "en", "value": "A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS, iPadOS, and macOS, Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may bypass Same Origin Policy."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Processing maliciously crafted web content may bypass Same Origin Policy"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-03-25T00:32:25.668Z"}}}, "cveMetadata": {"cveId": "CVE-2026-20643", "state": "PUBLISHED", "dateUpdated": "2026-03-25T00:32:25.668Z", "dateReserved": "2025-11-11T14:43:07.862Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2026-03-17T22:29:48.227Z", "assignerShortName": "apple"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "matchCriteriaId": "A9117B15-6B46-4C64-BC4A-DDF9D9FBBEB5", "versionEndExcluding": "26.3.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "60C61D06-6323-4C2E-96BC-F05F0C459568", "versionEndExcluding": "26.3.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "68370079-081F-40B1-A93F-F2B042B813E4", "versionEndExcluding": "26.3.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A cross-origin issue in the Navigation API was addressed with improved input validation. This issue is fixed in Background Security Improvements for iOS, iPadOS, and macOS, Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4. Processing maliciously crafted web content may bypass Same Origin Policy."}, {"lang": "es", "value": "Se abord\u00f3 un problema de origen cruzado en la API de Navegaci\u00f3n con una validaci\u00f3n de entrada mejorada. Este problema se solucion\u00f3 en las Mejoras de Seguridad en Segundo Plano para iOS 26.3.1, iPadOS 26.3.1, macOS 26.3.1 y macOS 26.3.2. El procesamiento de contenido web creado con fines maliciosos podr\u00eda eludir la Pol\u00edtica del Mismo Origen."}], "id": "CVE-2026-20643", "lastModified": "2026-03-25T01:17:04.543", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-17T23:16:17.193", "references": [{"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/126604"}, {"source": "product-security@apple.com", "url": "https://support.apple.com/en-us/126792"}, {"source": "product-security@apple.com", "url": "https://support.apple.com/en-us/126793"}, {"source": "product-security@apple.com", "url": "https://support.apple.com/en-us/126794"}, {"source": "product-security@apple.com", "url": "https://support.apple.com/en-us/126799"}, {"source": "product-security@apple.com", "url": "https://support.apple.com/en-us/126800"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2026/Mar/10"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}, {"lang": "en", "value": "CWE-346"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,26.3.1 (a))"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "iOS", "source": "cna", "vendor": "Apple"}, "product": "ios", "vendor": "apple"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,26.3.1 (a))"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "iPadOS", "source": "cna", "vendor": "Apple"}, "product": "ipados", "vendor": "apple"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,26.3.2 (a))"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "macOS", "source": "cna", "vendor": "Apple"}, "product": "macos", "vendor": "apple"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,26.3.1 (a))"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "macOS", "source": "cna", "vendor": "Apple"}, "product": "macos", "vendor": "apple"}], "analysis": {"en": {"generated_at": "2026-03-25T04:06:31.873033+00:00", "value": {"mitigation_remediation": ["Update Safari and all affected Apple operating systems to the latest available release (Safari\u202f26.4 or later, iOS\u202f18.7.7+, iPadOS\u202f18.7.7+, macOS\u202fTahoe\u202f26.4+, visionOS\u202f26.4+).", "If an immediate upgrade is not possible, use a content blocker or a trusted\u2011site whitelist to restrict the user\u2019s exposure to known malicious webpages.", "Monitor Apple\u2019s security advisories and verify that the operating\u2011system update has been successfully applied."], "summary": {"action": "Patch Immediately", "impact": "Same Origin Policy Bypass"}, "threat_synthesis": {"affected_systems": "Apple\u2019s Safari browser, iOS, iPadOS, macOS, and visionOS are affected when running a version prior to the Background Security Improvements that released Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, and visionOS 26.4. Any device still on an earlier revision remains vulnerable until the corresponding update is installed.", "description_and_impact": "A flaw in Apple\u2019s Navigation API allows a maliciously crafted webpage to bypass the browser\u2019s Same\u2011Origin Policy. The problem is rooted in insufficient input validation (CWE\u201120) and can permit an attacker to read or manipulate data from other origins that the user should not have access to. The vulnerability does not provide direct code execution but can undermine data confidentiality and integrity across domains.", "risk_and_exploitability": "The CVSS score of 5.4 indicates moderate severity. With an EPSS score below 1% and no listing in the CISA KEV catalog, public exploitation today is unlikely, but the vulnerability could be leveraged by an attacker who lures a user to a malicious site that abuses the Navigation API. The attack vector is therefore likely to be phishing or malicious webpages that a victim visits. Because the flaw is an input\u2011validation issue rather than a privilege\u2011escalation or remote\u2011code\u2011execution flaw, the impact is limited to cross\u2011origin data access or navigation manipulation."}}}}, "created": "2026-03-18T10:42:40.037373+00:00", "title": "Cross\u2011origin Bypass in Apple Safari Navigation API", "updated": "2026-03-25T11:52:57.249069+00:00", "vendors": ["apple", "apple$PRODUCT$ios", "apple$PRODUCT$ipados", "apple$PRODUCT$macos"]}