CVE-2025-30466: This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, visionOS 2.4, macOS...
Description
This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, visionOS 2.4, macOS Sequoia 15.4. A website may be able to bypass Same Origin Policy.
Classification
CVE ID: CVE-2025-30466
Problem Types
A website may be able to bypass Same Origin PolicyAffected Products
Vendor: Apple
Product: iOS and iPadOS, macOS, visionOS, Safari
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.03% (probability of being exploited)
EPSS Percentile: 5.87% (scored less or equal to compared to others)
EPSS Date: 2025-06-08 (when was this score calculated)
References
https://nvd.nist.gov/vuln/detail/CVE-2025-30466https://support.apple.com/en-us/122371
https://support.apple.com/en-us/122373
https://support.apple.com/en-us/122378
https://support.apple.com/en-us/122379