CVE-2025-31277: Apple Multiple Products Buffer Overflow Vulnerability

CVE ID

CVE-2025-31277

Vulnerability Name

Apple Multiple Products Buffer Overflow Vulnerability

• Project: Apple
• Product: Multiple Products

Date

• Date Added: 2026-03-20
• Due Date: 2026-04-03

Description

Apple Safari, iOS, watchOS, visionOS, iPadOS, macOS, and tvOS contain a buffer overflow vulnerability that could allow the processing of maliciously crafted web content which may lead to memory corruption.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://support.apple.com/en-us/124147 ; https://support.apple.com/en-us/124149 ; https://support.apple.com/en-us/124152 ; https://support.apple.com/en-us/124153 ; https://support.apple.com/en-us/124155 ; https://nvd.nist.gov/vuln/detail/CVE-2025-31277

Related Security News

• CISA Flags Apple, Craft CMS, Laravel Bugs in KEV, Orders Patching by April 3, 2026

More CVEs Info

Common Vulnerabilities & Exposures (CVE) List