CVE-2025-43376

{"id": "CVE-2025-43376", "cveTags": [], "metrics": {}, "published": "2025-11-04T02:15:44.710", "references": [{"url": "https://support.apple.com/en-us/125108", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/125113", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/125114", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/125115", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/125116", "source": "product-security@apple.com"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "A logic issue was addressed with improved state management. This issue is fixed in Safari 26, tvOS 26, watchOS 26, iOS 26 and iPadOS 26, visionOS 26. A remote attacker may be able to view leaked DNS queries with Private Relay turned on."}], "lastModified": "2025-11-04T15:40:45.533", "sourceIdentifier": "product-security@apple.com"}