Apple Uses LLMs for vuln discovery
CPE vendor key: apple ·
2,975 CVEs published in the last 24 months.
CVEs (365 d)
1,955
▲ +260 vs prior 30d
Avg CVSS (365 d)
6.94
over 1,955 CVEs
Avg EPSS pct (365 d)
0.17
higher = more likely exploited
KEV hit rate (365 d)
1.0%
19 of 1,955 added to CISA KEV
LLM-credited CVEs
93
Openai 93
Monthly CVE volume — last 24 months
Each point is one calendar month. Bars in the
severity card to the right slice the same volume by CVSS band.
Severity mix
Stacked by CVSS band (Critical / High / Medium /
Low) using the best available metric per CVE.
Top affected products (24 mo)
2,728
719
667
395
330
324
142
16
4
2
Distinct CVEs that include each product in their
CPE configuration.
Top CWEs (24 mo)
417
274
272
189
185
154
116
81
63
58
Distinct CVEs assigned each weakness.
Recent CISA KEV adds (last 12 months)
| Added | CVE | Product | KEV name |
|---|---|---|---|
| 2026-03-20 | CVE-2025-31277 | Multiple Products | Apple Multiple Products Buffer Overflow Vulnerability |
| 2026-03-20 | CVE-2025-43510 | Multiple Products | Apple Multiple Products Improper Locking Vulnerability |
| 2026-03-20 | CVE-2025-43520 | Multiple Products | Apple Multiple Products Classic Buffer Overflow Vulnerability |
| 2026-03-05 | CVE-2023-43000 | Multiple Products | Apple Multiple products Use-After-Free Vulnerability |
| 2026-02-12 | CVE-2026-20700 | Multiple Products | Apple Multiple Buffer Overflow Vulnerability |
| 2025-12-15 | CVE-2025-43529 | Multiple Products | Apple Multiple Products Use-After-Free WebKit Vulnerability |
| 2025-08-21 | CVE-2025-43300 | iOS, iPadOS, and macOS | Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability |
Filtered to KEV rows where the CISA vendor name matches this vendor,
to drop cross-OS noise (e.g. third-party Windows apps that CPE-map to
Microsoft).
LLM-credited CVEs from this vendor
| Published | CVE | LLM family | Model(s) |
|---|---|---|---|
| 2026-05-28 | CVE-2026-10001 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10002 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10003 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10004 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10005 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10006 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10007 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10009 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10012 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10013 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10015 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10016 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10018 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10019 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10021 | openai | OpenAI |
| 2026-05-28 | CVE-2026-10022 | openai | OpenAI |
| 2026-05-28 | CVE-2026-9873 | openai | OpenAI |
| 2026-05-28 | CVE-2026-9874 | openai | OpenAI |
| 2026-05-28 | CVE-2026-9877 | openai | OpenAI |
| 2026-05-28 | CVE-2026-9878 | openai | OpenAI |
| 2026-05-28 | CVE-2026-9879 | openai | OpenAI |
| 2026-05-28 | CVE-2026-9880 | openai | OpenAI |
| 2026-05-28 | CVE-2026-9881 | openai | OpenAI |
| 2026-05-28 | CVE-2026-9882 | openai | OpenAI |
| 2026-05-28 | CVE-2026-9883 | openai | OpenAI |
From
mythos_attributed_cves: CVEs whose NVD description
or vendor advisory credits an LLM-assisted discovery. Confidence is
high for every row.
Generated 19 June 2026 13:18 UTC <span class="time-ago" data-iso="2026-06-19T13:18:30Z"></span>.