CVE-2025-31277
Published: 30 July 2025
Summary
CVE-2025-31277 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Apple Safari. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Drive-by Compromise (T1189); ranked at the 48.9th percentile by exploit likelihood (below the median); CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Deeper analysis
The vulnerability CVE-2025-31277 is a memory corruption flaw resulting from insufficient memory handling during the processing of web content. It affects Safari 18.6 along with iOS 18.6, iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, and watchOS 11.6, and is tracked under CWE-119 with a CVSS 3.1 score of 8.8.
An unauthenticated remote attacker can exploit the issue by delivering maliciously crafted web content that a user visits in the affected Apple software, leading to memory corruption that may enable arbitrary code execution or denial of service with high impact on confidentiality, integrity, and availability.
Apple security advisories state that the issue has been resolved by improved memory handling in the listed software versions and direct users to the corresponding updates on support.apple.com.
The current EPSS score stands at 0.0025 with no reported real-world exploitation.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-23063
Vulnerability details
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption.
- CWE(s)
- KEV Date Added
- 20 March 2026
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Memory corruption in WebKit enables RCE via malicious website visit (drive-by) and client-side exploitation.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Implements memory protection mechanisms like address space randomization and data execution prevention to directly mitigate memory corruption exploits in WebKit.
Requires timely identification, reporting, and remediation of flaws such as the inadequate memory handling fixed in Safari 18.6 and related Apple OS updates.
Deploys malicious code protection to scan and block web content that could trigger the WebKit memory corruption vulnerability.