{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-28871", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2026-03-03T16:36:03.974Z", "datePublished": "2026-03-25T00:31:33.483Z", "dateUpdated": "2026-03-25T00:31:33.483Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "Visiting a maliciously crafted website may lead to a cross-site scripting attack"}]}], "affected": [{"vendor": "Apple", "product": "Safari", "versions": [{"version": "0", "status": "affected", "lessThan": "26.4", "versionType": "custom"}]}, {"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"version": "0", "status": "affected", "lessThan": "18.7.7", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThan": "26.4", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"version": "0", "status": "affected", "lessThan": "26.4", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A logic issue was addressed with improved checks. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4. Visiting a maliciously crafted website may lead to a cross-site scripting attack."}], "references": [{"url": "https://support.apple.com/en-us/126792"}, {"url": "https://support.apple.com/en-us/126793"}, {"url": "https://support.apple.com/en-us/126794"}, {"url": "https://support.apple.com/en-us/126800"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-03-25T00:31:33.483Z"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A logic issue was addressed with improved checks. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4. Visiting a maliciously crafted website may lead to a cross-site scripting attack."}], "id": "CVE-2026-28871", "lastModified": "2026-03-25T15:41:33.977", "metrics": {}, "published": "2026-03-25T01:17:11.110", "references": [{"source": "product-security@apple.com", "url": "https://support.apple.com/en-us/126792"}, {"source": "product-security@apple.com", "url": "https://support.apple.com/en-us/126793"}, {"source": "product-security@apple.com", "url": "https://support.apple.com/en-us/126794"}, {"source": "product-security@apple.com", "url": "https://support.apple.com/en-us/126800"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Awaiting Analysis"}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,18.7.7)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,26.4)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "iOS and iPadOS", "source": "cna", "vendor": "Apple"}, "product": "ios_and_ipados", "vendor": "apple"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,26.4)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "macOS", "source": "cna", "vendor": "Apple"}, "product": "macos", "vendor": "apple"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,26.4)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Safari", "source": "cna", "vendor": "Apple"}, "product": "safari", "vendor": "apple"}], "analysis": {"en": {"generated_at": "2026-03-25T03:24:58.756069+00:00", "value": {"mitigation_remediation": ["Apply the latest Safari update (26.4 or newer).", "Upgrade iOS and iPadOS to the most recent patch (18.7.7 or newer).", "Update macOS Tahoe to version 26.4 or later.", "Verify that all Apple devices are running a patched release before visiting untrusted websites."], "summary": {"action": "Immediate Patch", "impact": "Cross\u2011Site Scripting"}, "threat_synthesis": {"affected_systems": "The flaw affects Apple Safari, iOS, iPadOS and macOS. Versions of Safari older than 26.4 are vulnerable. iOS and iPadOS versions prior to 18.7.7 (and prior to 26.4 in the later naming scheme) are impacted. macOS Tahoe releases older than 26.4 also suffer from the issue. All devices running these or earlier releases are at risk until they receive the stated fixes.", "description_and_impact": "A logic issue in Apple Safari and related operating systems allows a malicious website to inject and execute arbitrary script code within the browser context. The vulnerability is limited to visiting a specially crafted site; no additional privileges are required. While the specific downstream effects are not listed in the official description, cross\u2011site scripting can potentially lead to session hijacking, data theft, or injection of further malicious content, and the likely impact is the compromise of the user's browsing session.", "risk_and_exploitability": "Explicit CVSS, EPSS, and KEV data are not available, but the attack can be carried out remotely by simply visiting a malicious webpage, with no local privileges required. The absence of a KEV listing suggests no widespread exploitation reported, yet the remote nature of the attack and the high potential impact of XSS indicate a moderate to high risk for users without the update. The likelihood of exploitation remains uncertain, but the gain for an attacker could be significant if they control the victim\u2019s browser environment."}}}}, "created": "2026-03-25T11:37:08.461324+00:00", "title": "Logic Issue Leading to Cross\u2011Site Scripting in Safari and macOS", "updated": "2026-03-25T20:56:53.185726+00:00", "vendors": ["apple", "apple$PRODUCT$ios_and_ipados", "apple$PRODUCT$macos", "apple$PRODUCT$safari"], "weaknesses": ["CWE-79"]}