{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-28871", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2026-03-03T16:36:03.974Z", "datePublished": "2026-03-25T00:31:33.483Z", "dateUpdated": "2026-03-27T19:48:10.491Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "Visiting a maliciously crafted website may lead to a cross-site scripting attack"}]}], "affected": [{"vendor": "Apple", "product": "Safari", "versions": [{"version": "0", "status": "affected", "lessThan": "26.4", "versionType": "custom"}]}, {"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"version": "0", "status": "affected", "lessThan": "18.7.7", "versionType": "custom"}, {"version": "0", "status": "affected", "lessThan": "26.4", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"version": "0", "status": "affected", "lessThan": "26.4", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A logic issue was addressed with improved checks. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4. Visiting a maliciously crafted website may lead to a cross-site scripting attack."}], "references": [{"url": "https://support.apple.com/en-us/126792"}, {"url": "https://support.apple.com/en-us/126793"}, {"url": "https://support.apple.com/en-us/126794"}, {"url": "https://support.apple.com/en-us/126800"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-03-25T00:31:33.483Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-79", "lang": "en", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-27T19:47:46.868438Z", "id": "CVE-2026-28871", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-27T19:48:10.491Z"}}]}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A logic issue was addressed with improved checks. This issue is fixed in Safari 26.4, iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4. Visiting a maliciously crafted website may lead to a cross-site scripting attack."}, {"lang": "es", "value": "Un problema de l\u00f3gica se abord\u00f3 con comprobaciones mejoradas. Este problema se solucion\u00f3 en Safari 26.4, iOS 18.7.7 y iPadOS 18.7.7, iOS 26.4 y iPadOS 26.4, macOS Tahoe 26.4. Visitar un sitio web dise\u00f1ado con fines maliciosos puede conducir a un ataque de cross-site scripting."}], "id": "CVE-2026-28871", "lastModified": "2026-03-27T20:16:27.220", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-25T01:17:11.110", "references": [{"source": "[email protected]", "url": "https://support.apple.com/en-us/126792"}, {"source": "[email protected]", "url": "https://support.apple.com/en-us/126793"}, {"source": "[email protected]", "url": "https://support.apple.com/en-us/126794"}, {"source": "[email protected]", "url": "https://support.apple.com/en-us/126800"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Undergoing Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,18.7.7)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,26.4)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "iOS and iPadOS", "source": "cna", "vendor": "Apple"}, "product": "ios_and_ipados", "vendor": "apple"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,26.4)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "macOS", "source": "cna", "vendor": "Apple"}, "product": "macos", "vendor": "apple"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,26.4)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Safari", "source": "cna", "vendor": "Apple"}, "product": "safari", "vendor": "apple"}], "analysis": {"en": {"generated_at": "2026-03-27T10:29:13.116254+00:00", "value": {"mitigation_remediation": ["Upgrade to Safari 26.4, iOS 18.7.7, iPadOS 18.7.7, iOS 26.4, iPadOS 26.4, and macOS Tahoe 26.4 or later."], "summary": {"action": "Immediate Patch", "impact": "Cross\u2011Site Scripting"}, "threat_synthesis": {"affected_systems": "Vulnerable Apple products include Safari, iOS, iPadOS, and macOS. Earlier releases before Safari 26.4, iOS 18.7.7, iPadOS 18.7.7 and the corresponding 26.4 releases for iOS and iPadOS, as well as macOS Tahoe 26.4, lack the mitigation and are at risk.", "description_and_impact": "A logic flaw that had been removed with new validation checks enables a malicious website to inject executable scripts into a user\u2019s browser session. This flaw falls under the input validation weakness represented by CWE\u201179, allowing attackers to run arbitrary JavaScript in the context of the victim\u2019s browsing session, thereby compromising the confidentiality and integrity of the browsing environment.", "risk_and_exploitability": "The EPSS score indicates a very low probability of exploitation, and the vulnerability is not listed in the CISA KEV catalog. Exploitation would involve delivering a maliciously crafted webpage to the victim, a scenario that requires the victim to visit such a site. The attack is remote but relies on user interaction to load the malicious content."}}}}, "created": "2026-03-25T11:37:08.461324+00:00", "updated": "2026-03-27T15:48:04.919416+00:00", "vendors": ["apple", "apple$PRODUCT$ios_and_ipados", "apple$PRODUCT$macos", "apple$PRODUCT$safari"]}