CVE-2025-31281

Description

An input validation issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6. Processing a maliciously crafted file may lead to unexpected app termination.

PUBLISHED Reserved 2025-03-27 | Published 2025-07-29 | Updated 2026-04-02 | Assigner apple

Problem types

Processing a maliciously crafted file may lead to unexpected app termination

Product status

References

seclists.org/fulldisclosure/2025/Jul/37

seclists.org/fulldisclosure/2025/Jul/36

seclists.org/fulldisclosure/2025/Jul/32

seclists.org/fulldisclosure/2025/Jul/30

support.apple.com/en-us/124147

support.apple.com/en-us/124149

support.apple.com/en-us/124153

support.apple.com/en-us/124154

cve.org (CVE-2025-31281)

nvd.nist.gov (CVE-2025-31281)

Download JSON