Security Advisory

CVE-2025-31266

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-21 21:22:24
Last updated 2026-04-02 18:19:21
Assigner apple
State PUBLISHED

Description

A spoofing issue was addressed with improved truncation when displaying the fully qualified domain name. This issue is fixed in Safari 18.5, macOS Sequoia 15.5. A website may be able to spoof the domain name in the title of a pop-up window.