CVE & Exploit Intelligence Database

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

337,123 CVEs tracked; 53,223 with exploits; 4,686 exploited in wild; 1,539 CISA KEV; 3,912 Nuclei templates; 37,757 vendors; 42,429 researchers
93 results
CVE-2025-31186 3.3 LOW EPSS 0.00
Apple Xcode < 16.3 - Improper Access Control
A permissions issue was addressed with additional restrictions. This issue is fixed in Xcode 16.3. An app may be able to bypass Privacy preferences.
CWE-284 Jan 16, 2026
CVE-2025-43505 8.8 HIGH EPSS 0.00
Xcode <26.1 - Buffer Overflow
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Xcode 26.1. Processing a maliciously crafted file may lead to heap corruption.
CWE-787 Nov 04, 2025
CVE-2025-43504 4.9 MEDIUM 1 PoC Analysis EPSS 0.00
Xcode <26.1 - Buffer Overflow
A buffer overflow was addressed with improved bounds checking. This issue is fixed in Xcode 26.1. A user in a privileged network position may be able to cause a denial-of-service.
CWE-119 Nov 04, 2025
CVE-2025-43375 5.5 MEDIUM EPSS 0.00
Xcode <26 - Use After Free
The issue was addressed with improved checks. This issue is fixed in Xcode 26. Processing an overly large path value may crash a process.
CWE-20 Sep 15, 2025
CVE-2025-43371 8.2 HIGH EPSS 0.00
Xcode <26 - Privilege Escalation
This issue was addressed with improved checks. This issue is fixed in Xcode 26. An app may be able to break out of its sandbox.
CWE-284 Sep 15, 2025
CVE-2025-43370 4.0 MEDIUM EPSS 0.00
Xcode <26 - Info Disclosure
A path handling issue was addressed with improved validation. This issue is fixed in Xcode 26. Processing an overly large path value may crash a process.
CWE-120 Sep 15, 2025
CVE-2025-43263 7.1 HIGH EPSS 0.00
Xcode <26 - Info Disclosure
The issue was addressed with improved checks. This issue is fixed in Xcode 26. An app may be able to read and write files outside of its sandbox.
CWE-284 Sep 15, 2025
CVE-2025-48384 8.0 HIGH KEV 53 PoCs Analysis EPSS 0.00
Git - Info Disclosure
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with a trailing CR are not quoted, causing the CR to be lost when the config is later read. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read resulting in the submodule being checked out to an incorrect location. If a symlink exists that points the altered path to the submodule hooks directory, and the submodule contains an executable post-checkout hook, the script may be unintentionally executed after checkout. This vulnerability is fixed in v2.43.7, v2.44.4, v2.45.4, v2.46.4, v2.47.3, v2.48.2, v2.49.1, and v2.50.1.
CWE-436 Jul 08, 2025
CVE-2025-30441 5.5 MEDIUM EPSS 0.00
Xcode <16.3 - Info Disclosure
This issue was addressed through improved state management. This issue is fixed in Xcode 16.3. An app may be able to overwrite arbitrary files.
CWE-787 Mar 31, 2025
CVE-2025-24226 5.5 MEDIUM EPSS 0.00
Apple Xcode < 16.3 - Information Disclosure
The issue was addressed with improved checks. This issue is fixed in Xcode 16.3. A malicious app may be able to access private information.
CWE-200 Mar 31, 2025
CVE-2024-44228 7.5 HIGH EPSS 0.00
Apple Xcode < 16.0 - Incorrect Default Permissions
This issue was addressed with improved permissions checking. This issue is fixed in Xcode 16. An app may be able to inherit Xcode permissions and access user data.
CWE-276 Oct 28, 2024
CVE-2024-44191 5.5 MEDIUM EPSS 0.00
Apple Xcode < 16.0 - Denial of Service
This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and iPadOS 17.7, Xcode 16, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. An app may gain unauthorized access to Bluetooth.
Sep 17, 2024
CVE-2024-44162 7.8 HIGH EPSS 0.00
Apple Xcode < 16.0 - Incorrect Authorization
This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 16. A malicious application may gain access to a user's Keychain items.
CWE-863 Sep 17, 2024
CVE-2024-40862 5.3 MEDIUM EPSS 0.00
Xcode <16 - Info Disclosure
A privacy issue was addressed by removing sensitive data. This issue is fixed in Xcode 16. An attacker may be able to determine the Apple ID of the owner of the computer.
CWE-200 Sep 17, 2024
CVE-2024-23298 5.5 MEDIUM 1 PoC Analysis EPSS 0.03
Logic Issue - Info Disclosure
A logic issue was addressed with improved state management.
Mar 15, 2024
CVE-2023-40435 5.5 MEDIUM EPSS 0.00
Xcode <15 - Info Disclosure
This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 15. An app may be able to access App Store credentials.
Sep 27, 2023
CVE-2023-40391 5.5 MEDIUM EPSS 0.00
Apple Xcode < 15.0 - Denial of Service
The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, macOS Sonoma 14, Xcode 15. An app may be able to disclose kernel memory.
Sep 27, 2023
CVE-2023-32396 7.8 HIGH EPSS 0.00
Apple Xcode < 15.0 - Denial of Service
This issue was addressed with improved checks. This issue is fixed in Xcode 15, tvOS 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to gain elevated privileges.
Sep 27, 2023
CVE-2022-32920 5.5 MEDIUM EPSS 0.00
Xcode <14.0 - Info Disclosure
The issue was addressed with improved checks. This issue is fixed in Xcode 14.0. Parsing a file may lead to disclosure of user information.
Sep 06, 2023
CVE-2023-27967 8.6 HIGH EPSS 0.00
Xcode <14.3 - Code Injection
The issue was addressed with improved memory handling. This issue is fixed in Xcode 14.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges.
May 08, 2023