CVE-2025-31277
CVSS Score
8.8
EPSS Score
0.0%
EPSS Percentile
0th
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption.
| Vendor | apple |
| Product | safari |
| Ecosystems | |
| Industries | Technology |
| Published | Jul 29, 2025 |
| Last Updated | Apr 2, 2026 |
โ ๏ธ Actively Exploited โ Act Now
Get instant alerts for apple safari
This vulnerability is actively exploited in the wild. Set up free real-time alerts so you're first to know about threats like CVE-2025-31277.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Apple / Safari
0 < 18.6
Apple / iOS and iPadOS
0 < 18.6
Apple / macOS
0 < 15.6
Apple / tvOS
0 < 18.6
Apple / visionOS
0 < 2.6
Apple / watchOS
0 < 11.6
References
support.apple.com: https://support.apple.com/en-us/124147 support.apple.com: https://support.apple.com/en-us/124149 support.apple.com: https://support.apple.com/en-us/124152 support.apple.com: https://support.apple.com/en-us/124153 support.apple.com: https://support.apple.com/en-us/124154 support.apple.com: https://support.apple.com/en-us/124155 cloud.google.com: https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain/ cisa.gov: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-31277 seclists.org: http://seclists.org/fulldisclosure/2025/Aug/0 seclists.org: http://seclists.org/fulldisclosure/2025/Jul/36 seclists.org: http://seclists.org/fulldisclosure/2025/Jul/32 seclists.org: http://seclists.org/fulldisclosure/2025/Jul/30