CVE ID
CVE-2025-31277
Vulnerability Name
Apple Multiple Products Buffer Overflow Vulnerability
- Project: Apple
- Product: Multiple Products
Date
- Date Added: 2026-03-20
- Due Date: 2026-04-03
Description
Apple Safari, iOS, watchOS, visionOS, iPadOS, macOS, and tvOS contain a buffer overflow vulnerability that could allow the processing of maliciously crafted web content which may lead to memory corruption.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Additional Notes
https://support.apple.com/en-us/124147 ; https://support.apple.com/en-us/124149 ; https://support.apple.com/en-us/124152 ; https://support.apple.com/en-us/124153 ; https://support.apple.com/en-us/124155 ; https://nvd.nist.gov/vuln/detail/CVE-2025-31277
Related Security News
- Apple expands iOS 18 updates to more iPhones to block DarkSword attacks
- CISA orders feds to patch DarkSword iOS flaws exploited attacks
- CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026
Top comments (0)