KEV · Actively exploited
CVE-2025-31277
N/A
KEV
[Apple WebKit] Processing maliciously crafted web content may lead to memory corruption
EPSS
0.25%
exploit very unlikely
percentile 48.8%
CISA Known Exploited Vulnerability
- Added to KEV
- 2026-03-20
- Remediation deadline
- 2026-04-03
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Ransomware
- No
OS versions that fix this CVE
This CVE is resolved by the following OS security releases. Update the OS to at least the listed version.