CVE-2025-31277
HIGH KEVApple Safari < 18.6 - Memory Corruption
Title source: ruleDescription
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, watchOS 11.6, visionOS 2.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6. Processing maliciously crafted web content may lead to memory corruption.
References (12)
Scores
CVSS v3
8.8
EPSS
0.0013
EPSS Percentile
32.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CISA KEV
2026-03-20
VulnCheck KEV
2026-03-18
CWE
CWE-119
Status
published
Products (13)
apple/safari
< 18.6
apple/ipados
< 18.6
apple/iphone_os
< 18.6
apple/macos
< 15.6
apple/tvos
< 18.6
apple/visionos
< 2.6
apple/watchos
< 11.6
Apple/tvOS
< 18.6
Apple/visionOS
< 2.6
Apple/watchOS
< 11.6
... and 3 more
Published
Jul 30, 2025
KEV Added
Mar 20, 2026
Tracked Since
Feb 18, 2026