CVE-2023-41991CISA KEVEPSS p90.4%

CVE-2023-41991Apple Multiple Products Improper Certificate Validation Vulnerability

Apple / Multiple Products

Description

Apple iOS, iPadOS, macOS, and watchOS contain an improper certificate validation vulnerability that can allow a malicious app to bypass signature validation.

Scoring

EPSS4.55% probability of exploitation · percentile 90.4% · 2026-06-18T12:00:27Z

CISA KEV entry

Added to KEV: 2023-09-25

(incoming)1

TypeTargetConfidenceTier
KEVEntryApple Multiple Products Improper Certificate Validation Vulnerabilitykev-cve-2023-419910%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
Apple Multiple Products Kernel Privilege Escalation Vulnerability
CVE
Apple Multiple Products Code Execution Vulnerability
CVE
Apple Multiple Products Memory Corruption Vulnerability
CVE
Apple Multiple Products WebKit Code Execution Vulnerability
CVE
Apple iOS, iPadOS, and watchOS Wallet Code Execution Vulnerability
CVE
Apple Multiple Products Improper Locking Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.