The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
01 Jul 2026, 14:46
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_aus:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_tus:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_aus:8.2:*:*:*:*:*:*:* cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_tus:8.8:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:9.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_aus:8.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_els:7.0:*:*:*:*:*:*:* cpe:2.3:a:wpewebkit:wpe_webkit:*:*:*:*:*:*:*:* |
|
| References | () https://access.redhat.com/errata/RHSA-2025:17643 - Third Party Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2025:17741 - Third Party Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2025:17743 - Third Party Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2025:17802 - Third Party Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2025:17807 - Third Party Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2025:18097 - Third Party Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2025:19109 - Third Party Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2025:19157 - Third Party Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2025:19165 - Third Party Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2025:19352 - Third Party Advisory | |
| References | () https://access.redhat.com/security/cve/CVE-2025-31277 - Third Party Advisory | |
| References | () https://bugzilla.redhat.com/show_bug.cgi?id=2448780 - Third Party Advisory | |
| References | () https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-31277.json - Third Party Advisory | |
| First Time |
Webkitgtk webkitgtk
Redhat enterprise Linux Redhat enterprise Linux Aus Wpewebkit wpe Webkit Redhat enterprise Linux Tus Redhat Webkitgtk Wpewebkit Redhat enterprise Linux Update Services For Sap Solutions Redhat enterprise Linux Eus Redhat enterprise Linux Els |
30 Jun 2026, 03:16
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-120 | |
| References |
|
02 Apr 2026, 19:19
| Type | Values Removed | Values Added |
|---|---|---|
| Summary | (en) The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to memory corruption. |
20 Mar 2026, 18:53
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://seclists.org/fulldisclosure/2025/Aug/0 - Mailing List, Third Party Advisory | |
| References | () http://seclists.org/fulldisclosure/2025/Jul/30 - Mailing List, Third Party Advisory | |
| References | () http://seclists.org/fulldisclosure/2025/Jul/32 - Mailing List, Third Party Advisory | |
| References | () http://seclists.org/fulldisclosure/2025/Jul/36 - Mailing List, Third Party Advisory | |
| References | () https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain/ - Technical Description | |
| References | () https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-31277 - US Government Resource |
20 Mar 2026, 16:16
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
19 Mar 2026, 18:16
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
03 Nov 2025, 20:18
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
31 Jul 2025, 21:00
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://support.apple.com/en-us/124147 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/124149 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/124152 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/124153 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/124154 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/124155 - Release Notes, Vendor Advisory | |
| CPE | cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* |
|
| First Time |
Apple ipados
Apple iphone Os Apple watchos Apple tvos Apple safari Apple visionos Apple Apple macos |
31 Jul 2025, 18:15
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-119 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
30 Jul 2025, 23:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
|
| Summary |
|
|
| Summary | (en) The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, watchOS 11.6, visionOS 2.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6. Processing maliciously crafted web content may lead to memory corruption. |
30 Jul 2025, 00:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-07-30 00:15
Updated : 2026-07-01 14:46
NVD link : CVE-2025-31277
Mitre link : CVE-2025-31277
CVE.ORG link : CVE-2025-31277
JSON object : View
Products Affected
apple
- ipados
- tvos
- watchos
- safari
- visionos
- macos
- iphone_os
redhat
- enterprise_linux_aus
- enterprise_linux_eus
- enterprise_linux_els
- enterprise_linux_update_services_for_sap_solutions
- enterprise_linux
- enterprise_linux_tus
wpewebkit
- wpe_webkit
webkitgtk
- webkitgtk
