THREATOPS
THREAT OPSCVEs › CVE-2025-24201

CVE-2025-24201 — Apple Multiple Products WebKit Out-of-Bounds Write Vulnerability

CISA KEVExploited: confirmedApple

Apple iOS, iPadOS, macOS, and other Apple products contain an out-of-bounds write vulnerability in WebKit that may allow maliciously crafted web content to break out of Web Content sandbox. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely on WebKit for HTML processing.

Vulnerability details