CVE-2025-31281CRITICAL 9.1EPSS p59.9%
CVE-2025-31281CVE-2025-31281
Description
An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6. Processing a maliciously crafted file may lead to unexpected app termination.
Scoring
| CVSS 3.1 | 9.1 (CRITICAL) |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
| EPSS | 1.05% probability of exploitation · percentile 59.9% · 2026-06-18T12:00:27Z |
| Published | 2025-07-30 |
| Last modified | 2026-04-02 |
Underlying weaknesses· 1
References
- https://support.apple.com/en-us/124147
- https://support.apple.com/en-us/124149
- https://support.apple.com/en-us/124153
- https://support.apple.com/en-us/124154
- http://seclists.org/fulldisclosure/2025/Jul/30
- http://seclists.org/fulldisclosure/2025/Jul/32
- http://seclists.org/fulldisclosure/2025/Jul/36
- http://seclists.org/fulldisclosure/2025/Jul/37
1
| Type | Target | Confidence | Tier |
|---|---|---|---|
| Weakness | Improper Input Validationcwe-20 | 0% | live |
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.