Memory Handling Vulnerability in Apple's Safari 18.5
CVE-2025-31257

4.7MEDIUM

Key Information:

Vendor: Apple
Status: TV OS; Mac OS; iOS And iPad OS; Visionos
Vendor: CVE Published:; 12 May 2025

What is CVE-2025-31257?

A memory handling issue in Apple's Safari browser has been identified, which could be exploited through the processing of maliciously crafted web content. This vulnerability may result in unexpected behavior, including potential crashes of the Safari browser, impacting user experience and device security. Apple has addressed this concern in multiple updates, reinforcing the need for users to keep their systems up to date to mitigate risks associated with web browsing.

Affected Version(s)

iOS and iPadOS < 18.5

macOS < 15.5

Safari < 18.5

References

https://support.apple.com/en-us/122720

https://support.apple.com/en-us/122716

https://support.apple.com/en-us/122404

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2025
Vulnerability Reserved
Mar 27, 2025