CVE-2025-31277

CWE-119 Buffer Overflow | 23 documents | 10 sources
CVSS 8.8 HIGH
EPSS 0.2% (39th)
CISA KEV
CISA Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 2.8 | Impact: 5.9

Affected Packages (7 packages)

NVD apple/tvos < 18.6
NVD apple/macos < 15.6
NVD apple/ipados < 18.6
NVD apple/safari < 18.6
NVD apple/watchos < 11.6
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption.

🔴 Vulnerability Details (2)

CVEList
CVE-2025-31273: The issue was addressed with improved memory handling (2025-07-29)
VulnCheck
Apple Multiple Products Buffer Overflow Vulnerability (2025)

📋 Vendor Advisories (9)

CISA
Apple Multiple Products Buffer Overflow Vulnerability (2026-03-20)
Red Hat
webkitgtk: Processing maliciously crafted web content may lead to memory corruption (2026-03-18)
Apple
CVE-2025-31277: Safari 18.6 (2025-07-30)
Apple
CVE-2025-31277: watchOS 11.6 (2025-07-29)
Apple
CVE-2025-31277: visionOS 2.6 (2025-07-29)

🕵️ Threat Intelligence (3)

Bleepingcomputer
Apple expands iOS 18 updates to more iPhones to block DarkSword attacks (2026-04-01)
Bleepingcomputer
CISA orders feds to patch DarkSword iOS flaws exploited attacks (2026-03-23)
Bleepingcomputer
New DarkSword iOS exploit used in infostealer attack on iPhones (2026-03-18)

💬 Community (6)

FullDisc
APPLE-SA-07-30-2025-1 Safari 18.6 (2025-07-30)
FullDisc
APPLE-SA-07-29-2025-7 tvOS 18.6 (2025-07-29)
FullDisc
APPLE-SA-07-29-2025-3 macOS Sequoia 15.6 (2025-07-29)
FullDisc
APPLE-SA-07-29-2025-8 visionOS 2.6 (2025-07-29)
FullDisc
APPLE-SA-07-29-2025-6 watchOS 11.6 (2025-07-29)