Apple Background Security Improvements WebKit patch (CVE-2026-20643)
Security Patch Release
Summary
Hide ▲
Show ▼
Apple's first Background Security Improvements release patches CVE-2026-20643 in WebKit, letting iPhones, iPads, and Macs get a security fix without a full OS upgrade. The out-of-band update closes a cross-origin flaw that could let malicious web content bypass the browser's Same Origin Policy. It is available on iOS 26.3.1, iPadOS 26.3.1, macOS 26.3.1, and macOS 26.3.2.
Related Happenings
Apple iOS, macOS, and Safari security updates (multiple vulnerabilities)
Security Patch Release
H score33
First: 30.06.2026 10:15
Last: 30.06.2026 10:15
Sources 1
About this happening:
**Apple** released security updates for **iOS**, **macOS**, and **Safari** that fix **over three dozen flaws**, including **four WebKit vulnerabilities**. The update bundle covers...
Apple iOS, macOS, and Safari security updates (multiple vulnerabilities)
Security Patch ReleaseAbout this happening: **Apple** released security updates for **iOS**, **macOS**, and **Safari** that fix **over three dozen flaws**, including **four WebKit vulnerabilities**. The update bundle covers...
Apple security patch release for CVE-2025-20701
Security Patch Release
H score29
First: 18.06.2026 15:23
Last: 18.06.2026 15:23
Sources 1
About this happening:
Apple released **Beats Firmware Update 1B211** for **Beats Studio Buds** to fix **CVE-2025-20701**, closing a Bluetooth flaw that could let nearby attackers spy on conversations....
Apple security patch release for CVE-2025-20701
Security Patch ReleaseAbout this happening: Apple released **Beats Firmware Update 1B211** for **Beats Studio Buds** to fix **CVE-2025-20701**, closing a Bluetooth flaw that could let nearby attackers spy on conversations....
Google security patch release for CVE-2026-11645
Security Patch Release
H score56
First: 09.06.2026 09:56
Last: 09.06.2026 09:56
Sources 1
About this happening:
**Google** released **emergency Chrome updates** to fix **CVE-2026-11645**, a **zero-day** that had already been **exploited in the wild**. The patched release covers **Chrome Sta...
Google security patch release for CVE-2026-11645
Security Patch ReleaseAbout this happening: **Google** released **emergency Chrome updates** to fix **CVE-2026-11645**, a **zero-day** that had already been **exploited in the wild**. The patched release covers **Chrome Sta...
Apple Passwords app and Safari add Apple Intelligence-powered automatic password repair
Security Tool/Service
H score10
First: 09.06.2026 00:03
Last: 09.06.2026 00:03
Sources 1
About this happening:
**Apple Passwords app** and **Safari** are adding an **Apple Intelligence** feature that can automatically repair weak or compromised passwords, reducing password-hygiene risk for...
Apple Passwords app and Safari add Apple Intelligence-powered automatic password repair
Security Tool/ServiceAbout this happening: **Apple Passwords app** and **Safari** are adding an **Apple Intelligence** feature that can automatically repair weak or compromised passwords, reducing password-hygiene risk for...
Google security patch release for CVE-2026-10881
Security Patch Release
H score26
First: 06.06.2026 10:28
Last: 06.06.2026 10:28
Sources 1
About this happening:
Google shipped **Chrome 149** with patches for **429 security bugs**, including **CVE-2026-10881** in **ANGLE**, creating a broad browser update for users on **Linux, Windows, and...
Google security patch release for CVE-2026-10881
Security Patch ReleaseAbout this happening: Google shipped **Chrome 149** with patches for **429 security bugs**, including **CVE-2026-10881** in **ANGLE**, creating a broad browser update for users on **Linux, Windows, and...
Timeline
-
18.03.2026 03:06 3 articles · 3mo ago
Apple releases first Background Security Improvements fix for CVE-2026-20643
Initial DisclosureApple releases its first Background Security Improvements update for iPhones, iPads, and Macs to fix CVE-2026-20643 in WebKit, a cross-origin issue in the Navigation API that could let malicious web content bypass the browser's Same Origin Policy. The update is available on iOS 26.3.1, iPadOS 26.3.1, macOS 26.3.1, and macOS 26.3.2, and the flaw was discovered by security researcher Thomas Espach.
Show sources
- Apple pushes first Background Security Improvements update to fix WebKit flaw — www.bleepingcomputer.com — 18.03.2026 03:06
- Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS — thehackernews.com — 18.03.2026 08:31
- Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS — thehackernews.com — 18.03.2026 08:31
-
18.03.2026 03:06 3 articles · 3mo ago
Apple releases first Background Security Improvements fix for CVE-2026-20643
Initial DisclosureApple releases its first Background Security Improvements update for iPhones, iPads, and Macs to fix CVE-2026-20643 in WebKit, a cross-origin issue in the Navigation API that could let malicious web content bypass the browser's Same Origin Policy. The update is available on iOS 26.3.1, iPadOS 26.3.1, macOS 26.3.1, and macOS 26.3.2, and the flaw was discovered by security researcher Thomas Espach.
Show sources
- Apple pushes first Background Security Improvements update to fix WebKit flaw — www.bleepingcomputer.com — 18.03.2026 03:06
- Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS — thehackernews.com — 18.03.2026 08:31
- Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS — thehackernews.com — 18.03.2026 08:31