Home / mailings APPLE-SA-11-03-2025-1 iOS 26.1 and iPadOS 26.1
Posted on 04 November 2025
Apple Security-announceAPPLE-SA-11-03-2025-1 iOS 26.1 and iPadOS 26.1
iOS 26.1 and iPadOS 26.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/125632.
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
Accessibility
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: An app may be able to identify what other apps a user has
installed
Description: A permissions issue was addressed with additional
restrictions.
CVE-2025-43442: Zhongcheng Li from IES Red Team of ByteDance
Apple Account
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: A malicious app may be able to take a screenshot of sensitive
information in embedded views
Description: A privacy issue was addressed with improved checks.
CVE-2025-43455: Ron Masas of BreakPoint.SH, Pinak Oza
Apple Neural Engine
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: An app may be able to cause unexpected system termination or
corrupt kernel memory
Description: The issue was addressed with improved memory handling.
CVE-2025-43447: an anonymous researcher
CVE-2025-43462: an anonymous researcher
Apple TV Remote
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: A malicious app may be able to track users between installs
Description: The issue was addressed with improved handling of caches.
CVE-2025-43449: Rosyna Keller of Totally Not Malicious Software
AppleMobileFileIntegrity
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: An app may be able to access protected user data
Description: This issue was addressed with improved validation of
symlinks.
CVE-2025-43379: Gergely Kalman (@gergely_kalman)
Assets
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: An app may be able to break out of its sandbox
Description: This issue was addressed with improved entitlements.
CVE-2025-43407: JZ
Audio
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: An attacker with physical access to an unlocked device paired
with a Mac may be able to view sensitive user information in system
logging
Description: A logging issue was addressed with improved data redaction.
CVE-2025-43423: Duy Tr=E1=BA=A7n (@khanhduytran0)
Camera
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: An app may be able to learn information about the current camera
view before being granted camera access
Description: A logic issue was addressed with improved checks.
CVE-2025-43450: Dennis Briner
CloudKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: An app may be able to break out of its sandbox
Description: This issue was addressed with improved validation of
symlinks.
CVE-2025-43448: Hikerell (Loadshine Lab)
Contacts
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: An app may be able to access sensitive user data
Description: A logging issue was addressed with improved data redaction.
CVE-2025-43426: Wojciech Regula of SecuRing (wojciechregula.blog)
Control Center
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: An attacker may be able to view restricted content from the lock
screen
Description: A permissions issue was addressed with additional
restrictions.
CVE-2025-43350: Lukaah Marlowe
CoreServices
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: An app may be able to enumerate a user's installed apps
Description: A permissions issue was addressed with additional
restrictions.
CVE-2025-43436: Zhongcheng Li from IES Red Team of ByteDance
CoreText
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing a maliciously crafted media file may lead to
unexpected app termination or corrupt process memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2025-43445: Hossein Lotfi (@hosselot) of Trend Micro Zero Day
Initiative
FileProvider
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: An app may be able to access sensitive user data
Description: An authorization issue was addressed with improved state
management.
CVE-2025-43498: pattern-f (@pattern_F_)
Find My
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: An app may be able to fingerprint the user
Description: A privacy issue was addressed by moving sensitive data.
CVE-2025-43507: iisBuri
Installer
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: An app may be able to fingerprint the user
Description: A permissions issue was addressed with additional
restrictions.
CVE-2025-43444: Zhongcheng Li from IES Red Team of ByteDance
Kernel
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: An app may be able to cause unexpected system termination
Description: The issue was addressed with improved memory handling.
CVE-2025-43398: Cristian Dinca (icmd.tech)
libxpc
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: A sandboxed app may be able to observe system-wide network
connections
Description: An access issue was addressed with additional sandbox
restrictions.
CVE-2025-43413: Dave G. and Alex Radocea of supernetworks.org
Mail Drafts
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Remote content may be loaded even when the 'Load Remote Images'
setting is turned off
Description: The issue was addressed by adding additional logic.
CVE-2025-43496: Romain Lebesle, Himanshu Bharti @Xpl0itme =46rom Khatima
MallocStackLogging
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: An app may be able to access sensitive user data
Description: An issue existed in the handling of environment variables.
This issue was addressed with improved validation.
CVE-2025-43294: Gergely Kalman (@gergely_kalman)
Model I/O
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing a maliciously crafted media file may lead to
unexpected app termination or corrupt process memory
Description: An out-of-bounds access issue was addressed with improved
bounds checking.
CVE-2025-43386: Michael DePlante (@izobashi) of Trend Micro Zero Day
Initiative
CVE-2025-43385: Michael DePlante (@izobashi) of Trend Micro Zero Day
Initiative
CVE-2025-43384: Michael DePlante (@izobashi) of Trend Micro Zero Day
Initiative
CVE-2025-43383: Michael DePlante (@izobashi) of Trend Micro Zero Day
Initiative
Multi-Touch
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: A malicious HID device may cause an unexpected process crash
Description: The issue was addressed with improved bounds checks.
CVE-2025-43424: Google Threat Analysis Group
Notes
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: An app may be able to access sensitive user data
Description: A privacy issue was addressed by removing the vulnerable
code.
CVE-2025-43389: Kirin (@Pwnrin)
On-device Intelligence
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: An app may be able to fingerprint the user
Description: A privacy issue was addressed by removing sensitive data.
CVE-2025-43439: Zhongcheng Li from IES Red Team of ByteDance
Photos
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: An app may be able to access sensitive user data
Description: A privacy issue was addressed with improved handling of
temporary files.
CVE-2025-43391: Asaf Cohen
Safari
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Visiting a malicious website may lead to address bar spoofing
Description: The issue was addressed with improved checks.
CVE-2025-43493: @RenwaX23
Safari
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Visiting a malicious website may lead to user interface spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2025-43503: @RenwaX23
Safari
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: An app may be able to bypass certain Privacy preferences
Description: A privacy issue was addressed by removing sensitive data.
CVE-2025-43502: an anonymous researcher
Sandbox Profiles
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: An app may be able to access sensitive user data
Description: A privacy issue was addressed with improved handling of
user preferences.
CVE-2025-43500: Stanislav Jelezoglo
Siri
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: A device may persistently fail to lock
Description: This issue was addressed through improved state management.
CVE-2025-43454: Joshua Thomas
Status Bar
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: An attacker with physical access to a locked device may be able
to view sensitive user information
Description: A logic issue was addressed with improved checks.
CVE-2025-43460: Isaiah Wan
Stolen Device Protection
Available for: iPhone 11 and later
Impact: An attacker with physical access to a device may be able to
disable Stolen Device Protection
Description: The issue was addressed by adding additional logic.
CVE-2025-43422: Will Caine
Text Input
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Keyboard suggestions may display sensitive information on the
lock screen
Description: This issue was addressed by restricting options offered on
a locked device.
CVE-2025-43452: Thomas Salomon, Sufiyan Gouri (TU Darmstadt), Phil Scott
(@MrPeriPeri) & Richard Hyunho Im (@richeeta), Mark Bowers, Joey Hewitt,
Dylan Rollins, Arthur Baudoin, an anonymous researcher, Andr.Ess
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: A malicious website may exfiltrate data cross-origin
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 276208
CVE-2025-43480: Aleksejs Popovs
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: This issue was addressed through improved state management.
WebKit Bugzilla: 296693
CVE-2025-43458: Phil Beauvoir
WebKit Bugzilla: 298196
CVE-2025-43430: Google Big Sleep
WebKit Bugzilla: 298628
CVE-2025-43427: Gary Kwong, rheza (@ginggilBesel)
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: This issue was addressed with improved checks.
WebKit Bugzilla: 299843
CVE-2025-43443: an anonymous researcher
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 298496
CVE-2025-43441: rheza (@ginggilBesel)
WebKit Bugzilla: 299391
CVE-2025-43435: Justin Cohen of Google
WebKit Bugzilla: 298851
CVE-2025-43425: an anonymous researcher
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: This issue was addressed with improved checks
WebKit Bugzilla: 298126
CVE-2025-43440: Nan Wang (@eternalsakura13)
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may lead to an
unexpected Safari crash
Description: A use-after-free issue was addressed with improved memory
management.
WebKit Bugzilla: 297662
CVE-2025-43438: shandikri working with Trend Micro Zero Day Initiative
WebKit Bugzilla: 298606
CVE-2025-43457: Gary Kwong, Hossein Lotfi (@hosselot) of Trend Micro
Zero Day Initiative
WebKit Bugzilla: 297958
CVE-2025-43434: Google Big Sleep
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: An app may be able to monitor keystrokes without user permission
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 300095
CVE-2025-43495: Lehan Dilusha Jayasinghe
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may lead to memory
corruption
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 298093
CVE-2025-43433: Google Big Sleep
WebKit Bugzilla: 298194
CVE-2025-43431: Google Big Sleep
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: A use-after-free issue was addressed with improved memory
management.
WebKit Bugzilla: 299313
CVE-2025-43432: Hossein Lotfi (@hosselot) of Trend Micro Zero Day
Initiative
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: A buffer overflow was addressed with improved bounds
checking.
WebKit Bugzilla: 298232
CVE-2025-43429: Google Big Sleep
WebKit
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: Multiple issues were addressed by disabling array
allocation sinking.
WebKit Bugzilla: 300718
CVE-2025-43421: Nan Wang (@eternalsakura13)
WebKit Canvas
Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation
and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd
generation and later, iPad 8th generation and later, and iPad mini 5th
generation and later
Impact: A website may exfiltrate image data cross-origin
Description: The issue was addressed with improved handling of caches.
WebKit Bugzilla: 297566
CVE-2025-43392: Tom Van Goethem
Additional recognition
Accessibility
We would like to acknowledge Abhay Kailasia (@abhay_kailasia) from
Safran Mumbai India for their assistance.
App Store
We would like to acknowledge Bikesh Parajuli for their assistance.
FaceTime
We would like to acknowledge Un3xploitable for their assistance.
We would like to acknowledge an anonymous researcher for their
assistance.
MobileInstallation
We would like to acknowledge Bubble Zhang for their assistance.
Photos
We would like to acknowledge Abhay Kailasia (@abhay_kailasia) from
Safran Mumbai India, Yusuf Kelany for their assistance.
Safari
We would like to acknowledge Barath Stalin K for their assistance.
Safari Downloads
We would like to acknowledge Saello Puza for their assistance.
Screenshots
We would like to acknowledge an anonymous researcher for their
assistance.
Security
We would like to acknowledge Mickey Jin (@patch1t) for their assistance.
Settings
We would like to acknowledge Abhay Kailasia (@abhay_kailasia) from
Safran Mumbai India for their assistance.
Shortcuts
We would like to acknowledge BanKai, Benjamin Hornbeck, Chi Yuan Chang
of ZUSO ART and taikosoup, Ryan May, Andrew James Gonzalez, and an
anonymous researcher for their assistance.
Status Bar
We would like to acknowledge Abhay Kailasia (@abhay_kailasia) from
Safran Mumbai India, Dalibor Milanovic for their assistance.
Synapse
We would like to acknowledge Jake Derouin (jakederouin.com) for their
assistance.
UIKit
We would like to acknowledge Chi Yuan Chang of ZUSO ART and taikosoup
for their assistance.
WebKit
We would like to acknowledge Enis Maholli (enismaholli.com), Google Big
Sleep for their assistance.
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting Don't Install
will present the option the next time you connect your iOS device.
The automatic update process may take up to a week depending on the
day that iTunes or the device checks for updates. You may manually
obtain the update via the Check for Updates button within iTunes, or
the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update
will be "iOS 26.1 and iPadOS 26.1".
All information is also posted on the Apple Security Releases
web site: https://support.apple.com/100100.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
