Visionos
Monthly
The issue was addressed with improved memory handling. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash.
Content Security Policy bypass in Apple's WebKit-based platforms (iOS, iPadOS, macOS Tahoe, tvOS, visionOS, watchOS) allows maliciously crafted web content to evade CSP enforcement, undermining a core browser defense against XSS and data exfiltration. Apple addressed the input validation flaw across its product line in coordinated June 2026 updates. No public exploit is identified at time of analysis and EPSS is very low (0.03%), but the cross-platform reach and high CIA impact via user interaction make patching a priority.
Use-after-free in WebKit allows remote attackers to trigger Safari crashes and potentially achieve arbitrary code execution across Apple's entire ecosystem (iOS, iPadOS, macOS, tvOS, visionOS, watchOS) via maliciously crafted web content. Users must visit or be tricked into visiting a malicious webpage (UI:R). Despite CVSS 8.8 (High) with theoretical code execution impact (C:H/I:H/A:H), EPSS probability is extremely low (0.02%, 5th percentile), indicating minimal observed exploitation activity. No public exploit identified at time of analysis, and vendor patches are available across all platforms as of version 26.5.
Memory corruption in Safari's WebKit engine across all Apple platforms allows remote attackers to trigger information disclosure via maliciously crafted web content delivered through network-accessible attack vectors requiring no authentication or user interaction. Despite the vendor description focusing on crash scenarios, the CVSS vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) indicates high confidentiality impact with no availability impact, suggesting potential memory disclosure rather than denial of service. Patched in iOS/iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, and watchOS 26.5. EPSS score of 0.02% (5th percentile) suggests low probability of mass exploitation despite network-accessible attack vector.
Memory corruption in WebKit across Apple platforms (iOS, iPadOS, macOS, tvOS, visionOS) allows remote attackers to access sensitive information via malicious web content. CVSS vector indicates network-based exploitation requiring no user interaction or authentication (AV:N/AC:L/PR:N/UI:N), contradicting the description's 'process crash' outcome with the High Confidentiality impact rating. EPSS score of 0.02% (5th percentile) suggests low real-world exploitation probability. Vendor patches available for all affected platforms (version 26.5). SSVC framework rates this as automatable with partial technical impact but no observed exploitation.
Use-after-free in WebKit across Apple's entire operating system ecosystem enables remote information disclosure via malicious web content. Affects iOS/iPadOS, macOS Tahoe, tvOS, visionOS, and watchOS versions prior to 26.5. The vulnerability allows network-based unauthenticated attackers to access high-value confidential information through crafted web pages, though the CVE description anomalously mentions process crash (availability impact) while the CVSS vector indicates confidentiality impact only. No public exploit identified at time of analysis. EPSS score of 0.02% (5th percentile) suggests low likelihood of imminent widespread exploitation despite the broad platform impact and network attack vector.
Memory corruption in WebKit across Apple's ecosystem enables confidentiality breach via malicious web content without user interaction. Affects iOS/iPadOS versions prior to 18.7.9 and 26.5, macOS Tahoe prior to 26.5, and all Apple operating systems (tvOS, visionOS, watchOS) prior to 26.5. Despite CVSS 7.5 (High), the EPSS score of 0.03% (10th percentile) indicates minimal real-world exploitation likelihood at time of analysis. No active exploitation confirmed (not in CISA KEV), and no public exploit code identified. Apple has released patches across all affected platforms.
Information disclosure in Apple WebKit's web content processing engine allows remote attackers to read sensitive memory contents via maliciously crafted web pages. This buffer overflow vulnerability (CWE-119) affects all major Apple platforms including iOS, iPadOS, macOS, tvOS, visionOS, and watchOS prior to their respective patched versions. The CVSS vector AV:N/AC:L/PR:N/UI:N indicates trivial network-based exploitation requiring no authentication or user interaction, though the impact is limited to confidentiality (C:H/I:N/A:N) rather than the process crash described by Apple. EPSS score of 0.03% (10th percentile) suggests low observed exploitation probability despite the ease of exploitation. No CISA KEV listing or public POC identified at time of analysis. Apple has released patches across all affected platforms.
Memory corruption in Apple's WebKit web content processing engine causes an unexpected process crash (denial-of-service) across iOS, iPadOS, macOS, tvOS, visionOS, and watchOS when a victim processes attacker-controlled web content. The CVSS vector AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H confirms network-reachable, unauthenticated exploitation limited to availability impact within the affected process - no code execution or data exfiltration is indicated. No public exploit code has been identified at time of analysis, and EPSS scoring at 0.03% (10th percentile) combined with SSVC Exploitation status of 'none' signal low current exploitation pressure.
Safari on Apple platforms crashes when processing maliciously crafted web content due to a use-after-free vulnerability in memory management, resulting in denial of service. Affects iOS and iPadOS below 26.5, macOS Tahoe below 26.5, tvOS below 26.5, visionOS below 26.5, and watchOS below 26.5. Exploitation requires user interaction to visit a malicious webpage but does not allow code execution or information disclosure.
Web content processing across all major Apple platforms is vulnerable to a memory mismanagement flaw (CWE-119) that causes an unexpected process crash when a user visits or renders attacker-controlled web content. Affected platforms include iOS/iPadOS, macOS Tahoe, tvOS, visionOS, and watchOS - all versions prior to the 26.5 release line. The impact is limited to availability (A:H), with no confidentiality or integrity exposure per the CVSS vector, and no active exploitation is confirmed - EPSS sits at 0.02% (5th percentile) and SSVC rates exploitation as none, making this a moderate-priority patch rather than an emergency response item.
Memory-corruption crash in Apple's WebKit web-content engine lets a malicious website terminate the content-rendering process across iOS/iPadOS, macOS, tvOS, visionOS and watchOS prior to the 26.5 (and 18.7.9) releases. The flaw is triggered simply by viewing attacker-controlled web content, requiring no authentication but one user action (opening a page). There is no public exploit identified at time of analysis and SSVC rates exploitation as none, though the assigned CVSS 8.8 reflects worst-case memory-corruption potential rather than the crash-only behavior Apple documents.
The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash.
Memory corruption in Apple Safari, iOS, iPadOS, macOS, and visionOS allows remote attackers to crash affected processes by delivering maliciously crafted web content to users. The vulnerability requires user interaction to view the malicious content and does not enable code execution or information disclosure. A patch is currently unavailable for this issue.
A sandbox escape vulnerability in Apple's WebKit browser engine allows malicious websites to process restricted web content outside the security sandbox, potentially enabling unauthorized access to protected system resources. The vulnerability affects Safari and all Apple operating systems including iOS, iPadOS, macOS, tvOS, visionOS, and watchOS. Apple has addressed this issue through improved memory handling in Safari 26.4 and corresponding OS updates across all affected platforms.
A logic error in Apple's script message handler implementation allows malicious websites to access script message handlers intended for other origins, resulting in unauthorized cross-origin information disclosure. This vulnerability affects Safari 26.4 and earlier, iOS/iPadOS 18.7.7 and earlier, macOS Tahoe 26.4 and earlier, and visionOS 26.4 and earlier. An attacker can craft a malicious website that exploits improper state management in the message handler routing mechanism to intercept sensitive data intended for legitimate web applications, potentially exposing authentication tokens, user data, or other confidential information passed through script messaging interfaces.
This vulnerability affects Apple's Safari browser and related Apple operating systems (iOS, iPadOS, macOS Tahoe, and visionOS) due to improper memory handling when processing maliciously crafted web content. The flaw can lead to unexpected process crashes, resulting in a denial of service condition affecting all users of the impacted Safari versions and OS versions below 26.4. While no CVSS score or EPSS data is currently published, the vulnerability has been patched by Apple, suggesting it was discovered through internal security review or responsible disclosure rather than active exploitation.
Remote denial-of-service attacks against Apple's macOS, iOS, iPadOS, Safari, and visionOS result from improper memory handling that allows unauthenticated attackers to crash affected systems over the network. The vulnerability affects multiple Apple platforms and requires no user interaction or elevated privileges to exploit. Patches are available for macOS Tahoe 26.3, iOS/iPadOS 18.7.5, visionOS 26.3, and Safari 26.3.
Memory handling flaws in Apple's macOS, iOS, iPadOS, and Safari allow remote attackers to crash affected processes by serving specially crafted web content, requiring only user interaction to trigger the denial of service. The vulnerability affects multiple Apple platforms and products across recent versions, with fixes available in macOS Tahoe 26.3, iOS 18.7.5, iPadOS 18.7.5, and Safari 26.3. No patches are currently available for all affected versions.
Denial of service in Apple Safari, iOS, iPadOS, and macOS results from improper memory handling when processing maliciously crafted web content, causing unexpected process crashes. An unauthenticated remote attacker can trigger this vulnerability through a specially crafted webpage, affecting users who view the malicious content. No patch is currently available for this vulnerability.
Denial of service affecting Apple's macOS, iOS, iPadOS, watchOS, tvOS, and visionOS results from a memory handling flaw that crashes processes when parsing malicious web content. An unauthenticated remote attacker can trigger unexpected application termination through crafted web pages, requiring only user interaction to visit a malicious site. A patch is not currently available for this medium-severity vulnerability.
Denial of service in Apple macOS, iOS, and iPadOS results from improper state management when processing malicious web content, causing unexpected process crashes. Local attackers with user interaction can trigger this vulnerability to disrupt system availability. No patch is currently available.
Local privilege escalation in Apple operating systems (iOS, iPadOS, macOS Tahoe, visionOS, watchOS) allows authenticated applications to bypass payment token access restrictions and obtain sensitive payment credentials. The vulnerability affects all versions prior to the 26.2 release across affected platforms. CVSS 5.5 with low real-world exploitation risk (EPSS 0.01%), no public exploit identified, not listed in CISA KEV.
Installed app enumeration via permissions bypass in Apple operating systems allows a locally authenticated app to discover what other applications a user has installed through insufficient access controls. Affects iOS 18.7.2 and earlier, iPadOS 18.7.2 and earlier, macOS Tahoe 26.1 and earlier, tvOS 26.1 and earlier, visionOS 26.1 and earlier, and watchOS 26.1 and earlier. The vulnerability has a low CVSS score (3.3) with extremely low exploitation probability (EPSS 0.02%) and no public exploit identified at time of analysis.
Safari and Apple operating systems contain a race condition that crashes the rendering process when processing maliciously crafted web content, affecting Safari 26.2 and earlier, iOS 18.7.3 and earlier, iPadOS 18.7.3 and earlier, macOS Tahoe 26.2 and earlier, tvOS 26.2 and earlier, visionOS 26.2 and earlier, and watchOS 26.2 and earlier. The vulnerability requires user interaction (clicking a malicious link or visiting a hostile website) and has high attack complexity, resulting in denial of service through process crash rather than data compromise. No public exploit code has been identified, EPSS exploitation probability is very low at 0.12%, and Apple has released patched versions across all affected platforms.
Unauthenticated access to Hidden Photos Album in Apple iOS, iPadOS, macOS, and visionOS allows remote attackers to view protected photos without authentication due to a configuration flaw. Fixed in iOS/iPadOS 26.2, macOS Tahoe 26.2, and visionOS 26.2. CVSS 9.8 (Critical) reflects network-based unauthenticated access, though EPSS of 0.13% (32nd percentile) suggests low observed exploitation probability. No public exploit identified at time of analysis, and not listed in CISA KEV. This represents a privacy-critical authentication bypass affecting Apple's Photos app across all major platforms.
Mail header parsing flaw in Apple operating systems allows unauthenticated remote attackers to trigger persistent denial-of-service conditions across iOS, iPadOS, macOS, visionOS, and watchOS platforms. The vulnerability affects all major Apple OS releases prior to January 2025 patches (iOS/iPadOS 18.7.2/26.1, macOS Sequoia 15.7.2/Sonoma 14.8.2/Tahoe 26.1, visionOS 26.1, watchOS 26.1). With EPSS exploitation probability at 0.19% (41st percentile) and no public exploit identified at time of analysis, real-world risk appears moderate despite the 7.5 CVSS score.
A use-after-free issue was addressed with improved memory management. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved memory handling. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A use-after-free issue was addressed with improved memory management. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Double free memory management vulnerability in Apple operating systems (iOS, iPadOS, macOS, tvOS, visionOS, watchOS) allows local apps to trigger unexpected system termination through memory corruption. Affecting iOS 18.5 and earlier, iPadOS 18.5 and earlier, macOS Sequoia 15.5 and earlier, macOS Sonoma 14.7.6 and earlier, macOS Ventura 13.7.6 and earlier, tvOS 18.5 and earlier, visionOS 2.5 and earlier, and watchOS 11.5 and earlier. No public exploit code or active exploitation confirmed; EPSS score of 0.01% indicates minimal real-world exploitation probability despite moderate CVSS rating.
Out-of-bounds read in Apple Safari and system WebKit implementations allows local attackers to disclose internal application state by processing maliciously crafted web content, affecting Safari 18.5 and earlier, iOS 18.5 and earlier, iPadOS 18.5 and earlier, macOS Sequoia 15.5 and earlier, tvOS 18.5 and earlier, visionOS 2.5 and earlier, and watchOS 11.5 and earlier. The vulnerability requires local access and user interaction but poses information disclosure risk with CVSS 4.0 and EPSS 0.02% (very low exploitation probability); no public exploit code or active exploitation has been identified.
Memory corruption vulnerabilities in Apple's graphics texture processing engine across iOS, iPadOS, macOS, tvOS, visionOS, and watchOS allow remote code execution via maliciously crafted texture files. Affects all major Apple platforms prior to July 2025 updates (iOS/iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6). Despite a critical CVSS 9.8 score indicating network-exploitable remote code execution without authentication, EPSS shows only 0.18% exploitation probability (40th percentile), and no public exploit identified at time of analysis. The vulnerability requires processing specially crafted texture data, likely through applications handling untrusted image or 3D content.
Insufficient permission checks in Apple operating systems allow local apps to access user-sensitive data without proper authorization. The vulnerability affects iOS 18.5 and earlier, iPadOS 18.5 and earlier (and iPadOS 17.7.8 and earlier), macOS Sequoia 15.5 and earlier, tvOS 18.5 and earlier, visionOS 2.5 and earlier, and watchOS 11.5 and earlier. An unprivileged local application can exploit this to read sensitive user information by circumventing the permission model. No public exploit code has been identified at time of analysis, and EPSS scoring (0.02%, 4th percentile) indicates very low real-world exploitation probability despite the information disclosure impact.
Information disclosure vulnerability in WebKit across Apple's ecosystem allows unauthenticated remote attackers to extract sensitive user information through maliciously crafted web content. The flaw affects Safari 18.x, iOS/iPadOS 18.x, macOS Sequoia 15.x, tvOS 18.x, visionOS 2.x, and watchOS 11.x, stemming from improper state management (CWE-359). Despite a CVSS score of 7.5, real-world exploitation risk remains relatively low with 0.13% EPSS probability and no public exploit identified at time of analysis. Vendor-released patches are available across all affected platforms.
Out-of-bounds memory read in Apple's image processing component allows local attackers without privileges to disclose sensitive process memory by supplying a maliciously crafted image, affecting iOS 18.5 and earlier, iPadOS 17.7.8 and earlier, macOS Sequoia 15.5 and earlier, macOS Sonoma 14.7.6 and earlier, tvOS 18.5 and earlier, visionOS 2.5 and earlier, and watchOS 11.5 and earlier. No public exploit code or active exploitation has been identified; exploitation requires local access and user interaction to process the malicious image. The EPSS score of 0.02% (5th percentile) indicates minimal real-world exploitation likelihood despite the broad platform impact.
Out-of-bounds memory access in Apple media processing components affects iOS, iPadOS, macOS, tvOS, and visionOS, allowing local attackers to crash applications or corrupt memory via malicious media files. Fixed in iOS/iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, and visionOS 2.6. EPSS score of 0.02% (4th percentile) indicates minimal observed exploitation probability, and no public exploit identified at time of analysis, suggesting lower immediate risk despite CVSS 7.1 rating.
Improper input validation in Apple's network configuration subsystem across iOS, iPadOS, macOS, tvOS, visionOS, and watchOS allows unauthenticated remote attackers to trigger denial-of-service conditions and enables non-privileged local users to modify restricted network settings. Fixed in iOS/iPadOS 18.6/17.7.9, macOS Sequoia 15.6, Sonoma 14.7.7, Ventura 13.7.7, tvOS 18.6, visionOS 2.6, and watchOS 11.6. EPSS score of 0.15% (36th percentile) indicates low predicted exploitation probability, and no public exploit identified at time of analysis.
Out-of-bounds read vulnerability in Apple media processing frameworks allows local attackers to cause application crashes or disclose sensitive process memory by tricking users into opening malicious media files. Affects iOS/iPadOS 18.x, macOS Sequoia 15.x, tvOS 18.x, and visionOS 2.x prior to July 2025 security updates. No public exploit identified at time of analysis, with EPSS score of 0.02% indicating minimal observed exploitation activity. User interaction required (opening crafted file) reduces immediate risk despite 7.1 CVSS score.
Safari and Apple operating systems contain a use-after-free vulnerability in web content processing that causes unexpected application crashes when users visit maliciously crafted websites. The flaw affects Safari 18.5 and earlier, iOS 18.5 and earlier, iPadOS 18.5 and earlier (also iPadOS 17.7.8 and earlier), macOS Sequoia 15.5 and earlier, tvOS 18.5 and earlier, visionOS 2.5 and earlier, and watchOS 11.5 and earlier. Remote attackers can trigger a denial-of-service condition requiring only user interaction to visit a malicious page, with no elevated privileges required. Apple has released patches for all affected platforms; the EPSS score of 0.10% (28th percentile) indicates low real-world exploitation probability despite the accessibility of the attack vector.
Safari and related Apple platforms crash when processing maliciously crafted web content due to improper memory handling in a buffer overflow condition (CWE-119). The vulnerability affects Safari 18.5 and earlier, iOS 18.5 and earlier, iPadOS 18.5 and earlier, macOS Sequoia 15.5 and earlier, tvOS 18.5 and earlier, visionOS 2.5 and earlier, and watchOS 11.5 and earlier. An unauthenticated remote attacker can trigger denial of service by hosting or injecting malicious web content that causes an unexpected browser crash. No public exploit code or active exploitation has been confirmed at time of analysis, though the low EPSS score (0.15%) suggests minimal real-world exploitation likelihood despite the moderate CVSS 6.5 severity.
Safari and Apple platform web content processing crashes due to a buffer overflow vulnerability when handling maliciously crafted web content. Affects Safari 18.5 and earlier, iOS 18.5 and earlier, iPadOS 18.5 and earlier, macOS Sequoia 15.5 and earlier, tvOS 18.5 and earlier, visionOS 2.5 and earlier, and watchOS 11.5 and earlier. Unauthenticated remote attackers can trigger a denial of service by enticing users to visit a malicious webpage, resulting in application crash with no data theft or code execution capability. No public exploit identified at time of analysis; EPSS score of 0.12% indicates low real-world exploitation probability despite moderate CVSS rating.
Safari and related Apple platforms crash when processing maliciously crafted web content due to a memory handling vulnerability (buffer overflow). Affects Safari 18.5 and earlier, iOS 18.5 and earlier, iPadOS 18.5 and earlier, macOS Sequoia 15.5 and earlier, tvOS 18.5 and earlier, visionOS 2.5 and earlier, and watchOS 11.5 and earlier. An unauthenticated remote attacker can trigger a denial of service by hosting or injecting malicious web content, with user interaction required to visit the affected content. No public exploit code or active exploitation has been confirmed (EPSS 0.08% indicates minimal real-world exploitation activity to date).
Denial-of-service vulnerability in Apple's WebKit engine affects Safari, iOS, iPadOS, macOS, tvOS, visionOS, and watchOS through improper memory handling during web content processing. Local attackers without authentication can trigger this vulnerability via crafted web content to cause application crashes. Vendor-released patches are available across all affected platforms; EPSS score of 0.02% indicates minimal real-world exploitation likelihood despite the moderate CVSS 6.2 rating.
Out-of-bounds write vulnerability in WebKit across Apple's entire operating system ecosystem allows remote code execution via maliciously crafted web content without user interaction or authentication. Affects iOS, iPadOS, macOS (Ventura through Sequoia), tvOS, visionOS, and watchOS prior to July 2025 security updates. Despite a critical 9.8 CVSS score indicating maximum severity, EPSS probability remains low at 0.14% (34th percentile), and no public exploit identified at time of analysis, suggesting limited observed exploitation attempts despite the theoretical remote attack surface.
Buffer overflow memory corruption in Apple file parsing components allows remote code execution across iOS 18.6, iPadOS 18.6, macOS (Sequoia 15.6, Sonoma 14.7.7, Ventura 13.7.7), tvOS 18.6, visionOS 2.6, and watchOS 11.6. Unauthenticated attackers can trigger arbitrary code execution by delivering a maliciously crafted file requiring no user interaction beyond parsing. Despite CVSS 9.8 critical severity, EPSS score of 0.16% (37th percentile) indicates low observed exploitation probability. No public exploit identified at time of analysis and not listed in CISA KEV, suggesting theoretical risk exceeds current real-world threat activity.
Memory handling flaws in Apple's operating systems allow unauthenticated remote attackers to cause information disclosure and application crashes by sending maliciously crafted files. Affects iOS 18.x prior to 18.6, iPadOS 18.x prior to 18.6, macOS Sequoia prior to 15.6, tvOS prior to 18.6, and visionOS prior to 2.6. CVSS 9.1 (Critical) reflects network-accessible attack vector with no authentication required, though EPSS probability remains low at 0.12% (32nd percentile), and no public exploit or active exploitation confirmed at time of analysis.
Memory corruption in Apple's WebKit browser engine across Safari 18.x, iOS/iPadOS 18.x, macOS Sequoia 15.x, and other Apple operating systems allows remote attackers to achieve arbitrary code execution via maliciously crafted web content requiring only user interaction (visiting a malicious webpage). With CVSS 8.8 (High), the vulnerability enables complete system compromise (high confidentiality, integrity, and availability impact) but carries relatively low real-world exploitation probability (EPSS 0.10%, 27th percentile). No public exploit identified at time of analysis, and vendor-released patches are available across all affected platforms as of July-August 2025.
WebKit memory corruption in Safari 18.6 and multiple Apple platforms allows remote code execution when processing maliciously crafted web content, exploited in the wild as a zero-day.
Memory corruption in WebKit browser engine allows remote code execution across Apple's ecosystem (Safari 18.6, iOS/iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6) when users interact with maliciously crafted web content. The vulnerability stems from improper memory handling (CWE-119 buffer overflow) and requires no authentication but user interaction to trigger. EPSS score of 0.10% (26th percentile) indicates low observed exploitation probability, and no public exploit identified at time of analysis, though the CVSS 8.8 rating reflects the potential for complete system compromise if successfully exploited.
Remote denial-of-service in Apple operating systems (iOS, iPadOS, macOS, tvOS, visionOS, watchOS) allows unauthenticated network attackers to trigger unexpected system termination via improved checks bypass. Affects multiple OS versions prior to their respective May 2025 updates (iOS/iPadOS 18.5/17.7.9, macOS Sequoia 15.5/Ventura 13.7.7, tvOS 18.5, visionOS 2.5, watchOS 11.5). No public exploit identified at time of analysis. EPSS probability of 0.27% (51st percentile) suggests relatively low observed exploitation activity, though the network-accessible attack vector and lack of authentication requirements (CVSS AV:N/PR:N) create broad exposure surface across Apple's ecosystem.
The issue was addressed with improved checks. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A null pointer dereference was addressed with improved input validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A denial-of-service issue was addressed with improved input validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved memory handling. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A permissions issue was addressed with additional restrictions. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
A type confusion issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
A race condition was addressed with additional validation. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
This issue was addressed by using HTTPS when sending information over the network. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
The issue was addressed with improved checks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved memory handling. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A cookie management issue was addressed with improved state management. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved bounds checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved bounds checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved bounds checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved bounds checks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A use-after-free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
An out-of-bounds read was addressed with improved input validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
An information disclosure issue was addressed with improved private data redaction for log entries. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
This issue was addressed with improved handling of symlinks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A logic issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
This issue was addressed with improved redaction of sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
This issue was addressed through improved state management. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
This issue was addressed with improved handling of symlinks. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A path handling issue was addressed with improved logic. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A logic issue was addressed with improved file handling. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A memory corruption issue was addressed with improved input validation. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An information disclosure issue was addressed with improved private data redaction for log entries. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
An information leakage was addressed with additional validation. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
This issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
This issue was addressed with improved redaction of sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
The issue was addressed with improved memory handling. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash.
Content Security Policy bypass in Apple's WebKit-based platforms (iOS, iPadOS, macOS Tahoe, tvOS, visionOS, watchOS) allows maliciously crafted web content to evade CSP enforcement, undermining a core browser defense against XSS and data exfiltration. Apple addressed the input validation flaw across its product line in coordinated June 2026 updates. No public exploit is identified at time of analysis and EPSS is very low (0.03%), but the cross-platform reach and high CIA impact via user interaction make patching a priority.
Use-after-free in WebKit allows remote attackers to trigger Safari crashes and potentially achieve arbitrary code execution across Apple's entire ecosystem (iOS, iPadOS, macOS, tvOS, visionOS, watchOS) via maliciously crafted web content. Users must visit or be tricked into visiting a malicious webpage (UI:R). Despite CVSS 8.8 (High) with theoretical code execution impact (C:H/I:H/A:H), EPSS probability is extremely low (0.02%, 5th percentile), indicating minimal observed exploitation activity. No public exploit identified at time of analysis, and vendor patches are available across all platforms as of version 26.5.
Memory corruption in Safari's WebKit engine across all Apple platforms allows remote attackers to trigger information disclosure via maliciously crafted web content delivered through network-accessible attack vectors requiring no authentication or user interaction. Despite the vendor description focusing on crash scenarios, the CVSS vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N) indicates high confidentiality impact with no availability impact, suggesting potential memory disclosure rather than denial of service. Patched in iOS/iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, and watchOS 26.5. EPSS score of 0.02% (5th percentile) suggests low probability of mass exploitation despite network-accessible attack vector.
Memory corruption in WebKit across Apple platforms (iOS, iPadOS, macOS, tvOS, visionOS) allows remote attackers to access sensitive information via malicious web content. CVSS vector indicates network-based exploitation requiring no user interaction or authentication (AV:N/AC:L/PR:N/UI:N), contradicting the description's 'process crash' outcome with the High Confidentiality impact rating. EPSS score of 0.02% (5th percentile) suggests low real-world exploitation probability. Vendor patches available for all affected platforms (version 26.5). SSVC framework rates this as automatable with partial technical impact but no observed exploitation.
Use-after-free in WebKit across Apple's entire operating system ecosystem enables remote information disclosure via malicious web content. Affects iOS/iPadOS, macOS Tahoe, tvOS, visionOS, and watchOS versions prior to 26.5. The vulnerability allows network-based unauthenticated attackers to access high-value confidential information through crafted web pages, though the CVE description anomalously mentions process crash (availability impact) while the CVSS vector indicates confidentiality impact only. No public exploit identified at time of analysis. EPSS score of 0.02% (5th percentile) suggests low likelihood of imminent widespread exploitation despite the broad platform impact and network attack vector.
Memory corruption in WebKit across Apple's ecosystem enables confidentiality breach via malicious web content without user interaction. Affects iOS/iPadOS versions prior to 18.7.9 and 26.5, macOS Tahoe prior to 26.5, and all Apple operating systems (tvOS, visionOS, watchOS) prior to 26.5. Despite CVSS 7.5 (High), the EPSS score of 0.03% (10th percentile) indicates minimal real-world exploitation likelihood at time of analysis. No active exploitation confirmed (not in CISA KEV), and no public exploit code identified. Apple has released patches across all affected platforms.
Information disclosure in Apple WebKit's web content processing engine allows remote attackers to read sensitive memory contents via maliciously crafted web pages. This buffer overflow vulnerability (CWE-119) affects all major Apple platforms including iOS, iPadOS, macOS, tvOS, visionOS, and watchOS prior to their respective patched versions. The CVSS vector AV:N/AC:L/PR:N/UI:N indicates trivial network-based exploitation requiring no authentication or user interaction, though the impact is limited to confidentiality (C:H/I:N/A:N) rather than the process crash described by Apple. EPSS score of 0.03% (10th percentile) suggests low observed exploitation probability despite the ease of exploitation. No CISA KEV listing or public POC identified at time of analysis. Apple has released patches across all affected platforms.
Memory corruption in Apple's WebKit web content processing engine causes an unexpected process crash (denial-of-service) across iOS, iPadOS, macOS, tvOS, visionOS, and watchOS when a victim processes attacker-controlled web content. The CVSS vector AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H confirms network-reachable, unauthenticated exploitation limited to availability impact within the affected process - no code execution or data exfiltration is indicated. No public exploit code has been identified at time of analysis, and EPSS scoring at 0.03% (10th percentile) combined with SSVC Exploitation status of 'none' signal low current exploitation pressure.
Safari on Apple platforms crashes when processing maliciously crafted web content due to a use-after-free vulnerability in memory management, resulting in denial of service. Affects iOS and iPadOS below 26.5, macOS Tahoe below 26.5, tvOS below 26.5, visionOS below 26.5, and watchOS below 26.5. Exploitation requires user interaction to visit a malicious webpage but does not allow code execution or information disclosure.
Web content processing across all major Apple platforms is vulnerable to a memory mismanagement flaw (CWE-119) that causes an unexpected process crash when a user visits or renders attacker-controlled web content. Affected platforms include iOS/iPadOS, macOS Tahoe, tvOS, visionOS, and watchOS - all versions prior to the 26.5 release line. The impact is limited to availability (A:H), with no confidentiality or integrity exposure per the CVSS vector, and no active exploitation is confirmed - EPSS sits at 0.02% (5th percentile) and SSVC rates exploitation as none, making this a moderate-priority patch rather than an emergency response item.
Memory-corruption crash in Apple's WebKit web-content engine lets a malicious website terminate the content-rendering process across iOS/iPadOS, macOS, tvOS, visionOS and watchOS prior to the 26.5 (and 18.7.9) releases. The flaw is triggered simply by viewing attacker-controlled web content, requiring no authentication but one user action (opening a page). There is no public exploit identified at time of analysis and SSVC rates exploitation as none, though the assigned CVSS 8.8 reflects worst-case memory-corruption potential rather than the crash-only behavior Apple documents.
The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash.
Memory corruption in Apple Safari, iOS, iPadOS, macOS, and visionOS allows remote attackers to crash affected processes by delivering maliciously crafted web content to users. The vulnerability requires user interaction to view the malicious content and does not enable code execution or information disclosure. A patch is currently unavailable for this issue.
A sandbox escape vulnerability in Apple's WebKit browser engine allows malicious websites to process restricted web content outside the security sandbox, potentially enabling unauthorized access to protected system resources. The vulnerability affects Safari and all Apple operating systems including iOS, iPadOS, macOS, tvOS, visionOS, and watchOS. Apple has addressed this issue through improved memory handling in Safari 26.4 and corresponding OS updates across all affected platforms.
A logic error in Apple's script message handler implementation allows malicious websites to access script message handlers intended for other origins, resulting in unauthorized cross-origin information disclosure. This vulnerability affects Safari 26.4 and earlier, iOS/iPadOS 18.7.7 and earlier, macOS Tahoe 26.4 and earlier, and visionOS 26.4 and earlier. An attacker can craft a malicious website that exploits improper state management in the message handler routing mechanism to intercept sensitive data intended for legitimate web applications, potentially exposing authentication tokens, user data, or other confidential information passed through script messaging interfaces.
This vulnerability affects Apple's Safari browser and related Apple operating systems (iOS, iPadOS, macOS Tahoe, and visionOS) due to improper memory handling when processing maliciously crafted web content. The flaw can lead to unexpected process crashes, resulting in a denial of service condition affecting all users of the impacted Safari versions and OS versions below 26.4. While no CVSS score or EPSS data is currently published, the vulnerability has been patched by Apple, suggesting it was discovered through internal security review or responsible disclosure rather than active exploitation.
Remote denial-of-service attacks against Apple's macOS, iOS, iPadOS, Safari, and visionOS result from improper memory handling that allows unauthenticated attackers to crash affected systems over the network. The vulnerability affects multiple Apple platforms and requires no user interaction or elevated privileges to exploit. Patches are available for macOS Tahoe 26.3, iOS/iPadOS 18.7.5, visionOS 26.3, and Safari 26.3.
Memory handling flaws in Apple's macOS, iOS, iPadOS, and Safari allow remote attackers to crash affected processes by serving specially crafted web content, requiring only user interaction to trigger the denial of service. The vulnerability affects multiple Apple platforms and products across recent versions, with fixes available in macOS Tahoe 26.3, iOS 18.7.5, iPadOS 18.7.5, and Safari 26.3. No patches are currently available for all affected versions.
Denial of service in Apple Safari, iOS, iPadOS, and macOS results from improper memory handling when processing maliciously crafted web content, causing unexpected process crashes. An unauthenticated remote attacker can trigger this vulnerability through a specially crafted webpage, affecting users who view the malicious content. No patch is currently available for this vulnerability.
Denial of service affecting Apple's macOS, iOS, iPadOS, watchOS, tvOS, and visionOS results from a memory handling flaw that crashes processes when parsing malicious web content. An unauthenticated remote attacker can trigger unexpected application termination through crafted web pages, requiring only user interaction to visit a malicious site. A patch is not currently available for this medium-severity vulnerability.
Denial of service in Apple macOS, iOS, and iPadOS results from improper state management when processing malicious web content, causing unexpected process crashes. Local attackers with user interaction can trigger this vulnerability to disrupt system availability. No patch is currently available.
Local privilege escalation in Apple operating systems (iOS, iPadOS, macOS Tahoe, visionOS, watchOS) allows authenticated applications to bypass payment token access restrictions and obtain sensitive payment credentials. The vulnerability affects all versions prior to the 26.2 release across affected platforms. CVSS 5.5 with low real-world exploitation risk (EPSS 0.01%), no public exploit identified, not listed in CISA KEV.
Installed app enumeration via permissions bypass in Apple operating systems allows a locally authenticated app to discover what other applications a user has installed through insufficient access controls. Affects iOS 18.7.2 and earlier, iPadOS 18.7.2 and earlier, macOS Tahoe 26.1 and earlier, tvOS 26.1 and earlier, visionOS 26.1 and earlier, and watchOS 26.1 and earlier. The vulnerability has a low CVSS score (3.3) with extremely low exploitation probability (EPSS 0.02%) and no public exploit identified at time of analysis.
Safari and Apple operating systems contain a race condition that crashes the rendering process when processing maliciously crafted web content, affecting Safari 26.2 and earlier, iOS 18.7.3 and earlier, iPadOS 18.7.3 and earlier, macOS Tahoe 26.2 and earlier, tvOS 26.2 and earlier, visionOS 26.2 and earlier, and watchOS 26.2 and earlier. The vulnerability requires user interaction (clicking a malicious link or visiting a hostile website) and has high attack complexity, resulting in denial of service through process crash rather than data compromise. No public exploit code has been identified, EPSS exploitation probability is very low at 0.12%, and Apple has released patched versions across all affected platforms.
Unauthenticated access to Hidden Photos Album in Apple iOS, iPadOS, macOS, and visionOS allows remote attackers to view protected photos without authentication due to a configuration flaw. Fixed in iOS/iPadOS 26.2, macOS Tahoe 26.2, and visionOS 26.2. CVSS 9.8 (Critical) reflects network-based unauthenticated access, though EPSS of 0.13% (32nd percentile) suggests low observed exploitation probability. No public exploit identified at time of analysis, and not listed in CISA KEV. This represents a privacy-critical authentication bypass affecting Apple's Photos app across all major platforms.
Mail header parsing flaw in Apple operating systems allows unauthenticated remote attackers to trigger persistent denial-of-service conditions across iOS, iPadOS, macOS, visionOS, and watchOS platforms. The vulnerability affects all major Apple OS releases prior to January 2025 patches (iOS/iPadOS 18.7.2/26.1, macOS Sequoia 15.7.2/Sonoma 14.8.2/Tahoe 26.1, visionOS 26.1, watchOS 26.1). With EPSS exploitation probability at 0.19% (41st percentile) and no public exploit identified at time of analysis, real-world risk appears moderate despite the 7.5 CVSS score.
A use-after-free issue was addressed with improved memory management. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved memory handling. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A use-after-free issue was addressed with improved memory management. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Double free memory management vulnerability in Apple operating systems (iOS, iPadOS, macOS, tvOS, visionOS, watchOS) allows local apps to trigger unexpected system termination through memory corruption. Affecting iOS 18.5 and earlier, iPadOS 18.5 and earlier, macOS Sequoia 15.5 and earlier, macOS Sonoma 14.7.6 and earlier, macOS Ventura 13.7.6 and earlier, tvOS 18.5 and earlier, visionOS 2.5 and earlier, and watchOS 11.5 and earlier. No public exploit code or active exploitation confirmed; EPSS score of 0.01% indicates minimal real-world exploitation probability despite moderate CVSS rating.
Out-of-bounds read in Apple Safari and system WebKit implementations allows local attackers to disclose internal application state by processing maliciously crafted web content, affecting Safari 18.5 and earlier, iOS 18.5 and earlier, iPadOS 18.5 and earlier, macOS Sequoia 15.5 and earlier, tvOS 18.5 and earlier, visionOS 2.5 and earlier, and watchOS 11.5 and earlier. The vulnerability requires local access and user interaction but poses information disclosure risk with CVSS 4.0 and EPSS 0.02% (very low exploitation probability); no public exploit code or active exploitation has been identified.
Memory corruption vulnerabilities in Apple's graphics texture processing engine across iOS, iPadOS, macOS, tvOS, visionOS, and watchOS allow remote code execution via maliciously crafted texture files. Affects all major Apple platforms prior to July 2025 updates (iOS/iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6). Despite a critical CVSS 9.8 score indicating network-exploitable remote code execution without authentication, EPSS shows only 0.18% exploitation probability (40th percentile), and no public exploit identified at time of analysis. The vulnerability requires processing specially crafted texture data, likely through applications handling untrusted image or 3D content.
Insufficient permission checks in Apple operating systems allow local apps to access user-sensitive data without proper authorization. The vulnerability affects iOS 18.5 and earlier, iPadOS 18.5 and earlier (and iPadOS 17.7.8 and earlier), macOS Sequoia 15.5 and earlier, tvOS 18.5 and earlier, visionOS 2.5 and earlier, and watchOS 11.5 and earlier. An unprivileged local application can exploit this to read sensitive user information by circumventing the permission model. No public exploit code has been identified at time of analysis, and EPSS scoring (0.02%, 4th percentile) indicates very low real-world exploitation probability despite the information disclosure impact.
Information disclosure vulnerability in WebKit across Apple's ecosystem allows unauthenticated remote attackers to extract sensitive user information through maliciously crafted web content. The flaw affects Safari 18.x, iOS/iPadOS 18.x, macOS Sequoia 15.x, tvOS 18.x, visionOS 2.x, and watchOS 11.x, stemming from improper state management (CWE-359). Despite a CVSS score of 7.5, real-world exploitation risk remains relatively low with 0.13% EPSS probability and no public exploit identified at time of analysis. Vendor-released patches are available across all affected platforms.
Out-of-bounds memory read in Apple's image processing component allows local attackers without privileges to disclose sensitive process memory by supplying a maliciously crafted image, affecting iOS 18.5 and earlier, iPadOS 17.7.8 and earlier, macOS Sequoia 15.5 and earlier, macOS Sonoma 14.7.6 and earlier, tvOS 18.5 and earlier, visionOS 2.5 and earlier, and watchOS 11.5 and earlier. No public exploit code or active exploitation has been identified; exploitation requires local access and user interaction to process the malicious image. The EPSS score of 0.02% (5th percentile) indicates minimal real-world exploitation likelihood despite the broad platform impact.
Out-of-bounds memory access in Apple media processing components affects iOS, iPadOS, macOS, tvOS, and visionOS, allowing local attackers to crash applications or corrupt memory via malicious media files. Fixed in iOS/iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, and visionOS 2.6. EPSS score of 0.02% (4th percentile) indicates minimal observed exploitation probability, and no public exploit identified at time of analysis, suggesting lower immediate risk despite CVSS 7.1 rating.
Improper input validation in Apple's network configuration subsystem across iOS, iPadOS, macOS, tvOS, visionOS, and watchOS allows unauthenticated remote attackers to trigger denial-of-service conditions and enables non-privileged local users to modify restricted network settings. Fixed in iOS/iPadOS 18.6/17.7.9, macOS Sequoia 15.6, Sonoma 14.7.7, Ventura 13.7.7, tvOS 18.6, visionOS 2.6, and watchOS 11.6. EPSS score of 0.15% (36th percentile) indicates low predicted exploitation probability, and no public exploit identified at time of analysis.
Out-of-bounds read vulnerability in Apple media processing frameworks allows local attackers to cause application crashes or disclose sensitive process memory by tricking users into opening malicious media files. Affects iOS/iPadOS 18.x, macOS Sequoia 15.x, tvOS 18.x, and visionOS 2.x prior to July 2025 security updates. No public exploit identified at time of analysis, with EPSS score of 0.02% indicating minimal observed exploitation activity. User interaction required (opening crafted file) reduces immediate risk despite 7.1 CVSS score.
Safari and Apple operating systems contain a use-after-free vulnerability in web content processing that causes unexpected application crashes when users visit maliciously crafted websites. The flaw affects Safari 18.5 and earlier, iOS 18.5 and earlier, iPadOS 18.5 and earlier (also iPadOS 17.7.8 and earlier), macOS Sequoia 15.5 and earlier, tvOS 18.5 and earlier, visionOS 2.5 and earlier, and watchOS 11.5 and earlier. Remote attackers can trigger a denial-of-service condition requiring only user interaction to visit a malicious page, with no elevated privileges required. Apple has released patches for all affected platforms; the EPSS score of 0.10% (28th percentile) indicates low real-world exploitation probability despite the accessibility of the attack vector.
Safari and related Apple platforms crash when processing maliciously crafted web content due to improper memory handling in a buffer overflow condition (CWE-119). The vulnerability affects Safari 18.5 and earlier, iOS 18.5 and earlier, iPadOS 18.5 and earlier, macOS Sequoia 15.5 and earlier, tvOS 18.5 and earlier, visionOS 2.5 and earlier, and watchOS 11.5 and earlier. An unauthenticated remote attacker can trigger denial of service by hosting or injecting malicious web content that causes an unexpected browser crash. No public exploit code or active exploitation has been confirmed at time of analysis, though the low EPSS score (0.15%) suggests minimal real-world exploitation likelihood despite the moderate CVSS 6.5 severity.
Safari and Apple platform web content processing crashes due to a buffer overflow vulnerability when handling maliciously crafted web content. Affects Safari 18.5 and earlier, iOS 18.5 and earlier, iPadOS 18.5 and earlier, macOS Sequoia 15.5 and earlier, tvOS 18.5 and earlier, visionOS 2.5 and earlier, and watchOS 11.5 and earlier. Unauthenticated remote attackers can trigger a denial of service by enticing users to visit a malicious webpage, resulting in application crash with no data theft or code execution capability. No public exploit identified at time of analysis; EPSS score of 0.12% indicates low real-world exploitation probability despite moderate CVSS rating.
Safari and related Apple platforms crash when processing maliciously crafted web content due to a memory handling vulnerability (buffer overflow). Affects Safari 18.5 and earlier, iOS 18.5 and earlier, iPadOS 18.5 and earlier, macOS Sequoia 15.5 and earlier, tvOS 18.5 and earlier, visionOS 2.5 and earlier, and watchOS 11.5 and earlier. An unauthenticated remote attacker can trigger a denial of service by hosting or injecting malicious web content, with user interaction required to visit the affected content. No public exploit code or active exploitation has been confirmed (EPSS 0.08% indicates minimal real-world exploitation activity to date).
Denial-of-service vulnerability in Apple's WebKit engine affects Safari, iOS, iPadOS, macOS, tvOS, visionOS, and watchOS through improper memory handling during web content processing. Local attackers without authentication can trigger this vulnerability via crafted web content to cause application crashes. Vendor-released patches are available across all affected platforms; EPSS score of 0.02% indicates minimal real-world exploitation likelihood despite the moderate CVSS 6.2 rating.
Out-of-bounds write vulnerability in WebKit across Apple's entire operating system ecosystem allows remote code execution via maliciously crafted web content without user interaction or authentication. Affects iOS, iPadOS, macOS (Ventura through Sequoia), tvOS, visionOS, and watchOS prior to July 2025 security updates. Despite a critical 9.8 CVSS score indicating maximum severity, EPSS probability remains low at 0.14% (34th percentile), and no public exploit identified at time of analysis, suggesting limited observed exploitation attempts despite the theoretical remote attack surface.
Buffer overflow memory corruption in Apple file parsing components allows remote code execution across iOS 18.6, iPadOS 18.6, macOS (Sequoia 15.6, Sonoma 14.7.7, Ventura 13.7.7), tvOS 18.6, visionOS 2.6, and watchOS 11.6. Unauthenticated attackers can trigger arbitrary code execution by delivering a maliciously crafted file requiring no user interaction beyond parsing. Despite CVSS 9.8 critical severity, EPSS score of 0.16% (37th percentile) indicates low observed exploitation probability. No public exploit identified at time of analysis and not listed in CISA KEV, suggesting theoretical risk exceeds current real-world threat activity.
Memory handling flaws in Apple's operating systems allow unauthenticated remote attackers to cause information disclosure and application crashes by sending maliciously crafted files. Affects iOS 18.x prior to 18.6, iPadOS 18.x prior to 18.6, macOS Sequoia prior to 15.6, tvOS prior to 18.6, and visionOS prior to 2.6. CVSS 9.1 (Critical) reflects network-accessible attack vector with no authentication required, though EPSS probability remains low at 0.12% (32nd percentile), and no public exploit or active exploitation confirmed at time of analysis.
Memory corruption in Apple's WebKit browser engine across Safari 18.x, iOS/iPadOS 18.x, macOS Sequoia 15.x, and other Apple operating systems allows remote attackers to achieve arbitrary code execution via maliciously crafted web content requiring only user interaction (visiting a malicious webpage). With CVSS 8.8 (High), the vulnerability enables complete system compromise (high confidentiality, integrity, and availability impact) but carries relatively low real-world exploitation probability (EPSS 0.10%, 27th percentile). No public exploit identified at time of analysis, and vendor-released patches are available across all affected platforms as of July-August 2025.
WebKit memory corruption in Safari 18.6 and multiple Apple platforms allows remote code execution when processing maliciously crafted web content, exploited in the wild as a zero-day.
Memory corruption in WebKit browser engine allows remote code execution across Apple's ecosystem (Safari 18.6, iOS/iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6) when users interact with maliciously crafted web content. The vulnerability stems from improper memory handling (CWE-119 buffer overflow) and requires no authentication but user interaction to trigger. EPSS score of 0.10% (26th percentile) indicates low observed exploitation probability, and no public exploit identified at time of analysis, though the CVSS 8.8 rating reflects the potential for complete system compromise if successfully exploited.
Remote denial-of-service in Apple operating systems (iOS, iPadOS, macOS, tvOS, visionOS, watchOS) allows unauthenticated network attackers to trigger unexpected system termination via improved checks bypass. Affects multiple OS versions prior to their respective May 2025 updates (iOS/iPadOS 18.5/17.7.9, macOS Sequoia 15.5/Ventura 13.7.7, tvOS 18.5, visionOS 2.5, watchOS 11.5). No public exploit identified at time of analysis. EPSS probability of 0.27% (51st percentile) suggests relatively low observed exploitation activity, though the network-accessible attack vector and lack of authentication requirements (CVSS AV:N/PR:N) create broad exposure surface across Apple's ecosystem.
The issue was addressed with improved checks. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A null pointer dereference was addressed with improved input validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A denial-of-service issue was addressed with improved input validation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved memory handling. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A permissions issue was addressed with additional restrictions. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
A type confusion issue was addressed with improved memory handling. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
A race condition was addressed with additional validation. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
This issue was addressed by using HTTPS when sending information over the network. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
The issue was addressed with improved checks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved memory handling. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A cookie management issue was addressed with improved state management. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved bounds checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved bounds checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved bounds checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved bounds checks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The issue was addressed with improved checks. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A use-after-free issue was addressed with improved memory management. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
An out-of-bounds read was addressed with improved input validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
An information disclosure issue was addressed with improved private data redaction for log entries. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
The issue was addressed with improved memory handling. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
This issue was addressed with improved handling of symlinks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A logic issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
This issue was addressed with improved redaction of sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
This issue was addressed through improved state management. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
This issue was addressed with improved handling of symlinks. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A path handling issue was addressed with improved logic. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A logic issue was addressed with improved file handling. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A memory corruption issue was addressed with improved input validation. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An information disclosure issue was addressed with improved private data redaction for log entries. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.
An information leakage was addressed with additional validation. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
This issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
This issue was addressed with improved redaction of sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.