Apple macOS/iOS Security Update: Kernel Privilege Escalation, Memory Leak, and Sandbox Bypass CVEs

Critical Vulnerability Information afps Impact: Mounting a maliciously crafted AFP network share may cause system termination. CVE: CVE-2025-31246, CVE-2025-31257 AppleJPEG Impact: Processing a maliciously crafted media file may lead to unexpected application termination or memory corruption. CVE: CVE-2025-31255 Audio Impact: Applications may cause unexpected system termination. CVE: CVE-2025-31252 CoreAudio Impact: Parsing files may lead to unexpected application termination. CVE: CVE-2025-31986 CoreGraphics Impact: Processing maliciously crafted files may result in denial of service or potential leakage of memory contents. CVE: CVE-2025-31250 CoreMedia Impact: Parsing files may lead to unexpected application termination. CVE: CVE-2025-31259 DiskArbitration Impact: Applications may gain elevated privileges. CVE: CVE-2025-30453 iCloud Document Sharing Impact: Applications may enable sharing of iCloud folders without authentication. CVE: CVE-2025-30484 Installer Impact: Malicious applications may access sensitive user data. CVE: CVE-2025-31253 Kernel Impact: Applications may leak sensitive kernel state. CVE: CVE-2025-24146 Libinfo Impact: Applications may bypass ASLR. CVE: CVE-2025-30440 mDNSResponder Impact: Users may gain elevated privileges. CVE: CVE-2025-31222 Mobile Device Service Impact: Malicious applications may gain elevated privileges. CVE: CVE-2025-24276 Notification Center Impact: Applications may access sensitive user data. CVE: CVE-2025-24142 Pro Res Impact: Applications may cause unexpected system termination. CVE: CVE-2025-31248 Sandbox Impact: Applications may bypass certain privacy preferences. CVE: CVE-2025-31242 Security Impact: Remote attackers may leak memory. CVE: CVE-2025-31272 ShareFileList Impact: Attackers may gain access to protected parts of the filesystem. CVE: CVE-2025-31245 SoftwareUpdate Impact: Applications may gain elevated privileges. CVE: CVE-2025-30442 StoreKit Impact: Applications may access sensitive user data. CVE: CVE-2025-31242 Weather Impact: Malicious applications may read sensitive location information. CVE: CVE-2025-31223 WebContentFilter Impact: Applications may leak kernel memory. CVE: CVE-2025-24165

Goal Reached Thanks to every supporter — we hit 100%!

Apple macOS/iOS Security Update: Kernel Privilege Escalation, Memory Leak, and Sandbox Bypass CVEs