Vulnerability Description
An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6. Processing a maliciously crafted file may lead to unexpected app termination.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Ipados | < 18.6 |
| Apple | Iphone Os | < 18.6 |
| Apple | Macos | < 15.6 |
| Apple | Tvos | < 18.6 |
| Apple | Visionos | < 2.6 |
Related Weaknesses (CWE)
References
- https://support.apple.com/en-us/124147Release NotesVendor Advisory
- https://support.apple.com/en-us/124149Release NotesVendor Advisory
- https://support.apple.com/en-us/124153Release NotesVendor Advisory
- https://support.apple.com/en-us/124154Release NotesVendor Advisory
- http://seclists.org/fulldisclosure/2025/Jul/30
- http://seclists.org/fulldisclosure/2025/Jul/32
- http://seclists.org/fulldisclosure/2025/Jul/36
- http://seclists.org/fulldisclosure/2025/Jul/37
FAQ
What is CVE-2025-31281?
CVE-2025-31281 is a vulnerability with a CVSS score of 9.1 (CRITICAL). An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6. Processing a maliciously crafted fi...
How severe is CVE-2025-31281?
CVE-2025-31281 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2025-31281?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Ipados, Apple Iphone Os, Apple Macos, Apple Tvos, Apple Visionos.