TECHNOLOGYglobal

Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS

Single source

Updated 2 hours ago

First seen March 18, 2026 19:40:47

Stay on top of this story

Follow the names and topics behind it.

Add this story's key topics to your watchlist so LyscoNews can highlight related developments and future matches.

Create free account

Create a free account to sync your watchlist, saved stories, and alerts across devices.

Quick Summary

Apple on Tuesday released its first round of Background Security Improvements to address a security flaw in WebKit that affects iOS, iPadOS, and macOS. The vulnerability, tracked as CVE-2026-20643 (CVSS score: N/A), has been described as a cross-origin issue in WebKit's Navigation API that could be exploited to bypass the same-origin policy when processing maliciously crafted web content. The

Perspective lens

Deeper Analysis

All coverage links (1)

The Hacker NewsRegional / Local

Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS

15 hours ago