CVE-2025-31277

HIGH

The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption.

CVSS v3.1 Score

8.8
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Complexity
LOW
Privileges
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH
Published: 7/30/2025Modified: 7/1/2026

Related Intelligence (0)

No articles currently reference this CVE.

References (25)

https://support.apple.com/en-us/124147Release NotesVendor Advisoryhttps://support.apple.com/en-us/124149Release NotesVendor Advisoryhttps://support.apple.com/en-us/124152Release NotesVendor Advisoryhttps://support.apple.com/en-us/124153Release NotesVendor Advisoryhttps://support.apple.com/en-us/124154Release NotesVendor Advisoryhttps://support.apple.com/en-us/124155Release NotesVendor Advisoryhttp://seclists.org/fulldisclosure/2025/Aug/0Mailing ListThird Party Advisoryhttp://seclists.org/fulldisclosure/2025/Jul/30Mailing ListThird Party Advisoryhttp://seclists.org/fulldisclosure/2025/Jul/32Mailing ListThird Party Advisoryhttp://seclists.org/fulldisclosure/2025/Jul/36Mailing ListThird Party Advisoryhttps://access.redhat.com/errata/RHSA-2025:17643Third Party Advisoryhttps://access.redhat.com/errata/RHSA-2025:17741Third Party Advisoryhttps://access.redhat.com/errata/RHSA-2025:17743Third Party Advisoryhttps://access.redhat.com/errata/RHSA-2025:17802Third Party Advisoryhttps://access.redhat.com/errata/RHSA-2025:17807Third Party Advisoryhttps://access.redhat.com/errata/RHSA-2025:18097Third Party Advisoryhttps://access.redhat.com/errata/RHSA-2025:19109Third Party Advisoryhttps://access.redhat.com/errata/RHSA-2025:19157Third Party Advisoryhttps://access.redhat.com/errata/RHSA-2025:19165Third Party Advisoryhttps://access.redhat.com/errata/RHSA-2025:19352Third Party Advisoryhttps://access.redhat.com/security/cve/CVE-2025-31277Third Party Advisoryhttps://bugzilla.redhat.com/show_bug.cgi?id=2448780Third Party Advisoryhttps://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain/Technical Descriptionhttps://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-31277.jsonThird Party Advisoryhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-31277US Government Resource