CVE-2025-30425

CVE Database · CVE-2025-30425

CVE-2025-30425

· MEDIUMModified

CVSS v3.1

4.3

EPSS

0.71%

Published

Mar 31, 2025

Modified

Apr 2, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, watchOS 11.4. A malicious website may be able to track users in Safari private browsing mode.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Weaknesses (CWE)

CWE-284

Affected Products (6)

apple · safari (up to 18.4)vulnerable

apple · ipados (up to 17.7.6)vulnerable

apple · ipados (up to 18.4)vulnerable

apple · iphone_os (up to 18.4)vulnerable

apple · macos (up to 15.4)vulnerable

apple · tvos (up to 18.4)vulnerable

References (12)