{"vulnerability": "CVE-2025-3122", "sightings": [{"uuid": "d2ad9017-70ab-4aa6-8f93-2e9d8b5c755e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3122", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lluikvw57c2i", "content": "", "creation_timestamp": "2025-04-02T23:01:31.090134Z"}, {"uuid": "480c81c7-54bd-4664-8166-b17dac95db75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31221", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lpimn42o5k2k", "content": "", "creation_timestamp": "2025-05-19T03:23:01.866922Z"}, {"uuid": "34fe4eaa-2f9e-4bfd-9af0-0fbb2b9a01e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31224", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lpimn42o5k2k", "content": "", "creation_timestamp": "2025-05-19T03:23:01.961919Z"}, {"uuid": "df201797-b51a-4d65-b284-f51a901ce484", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31224", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16121", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31224\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An app may be able to bypass certain Privacy preferences.\n\ud83d\udccf Published: 2025-05-12T21:42:33.877Z\n\ud83d\udccf Modified: 2025-05-13T14:18:02.220Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/122716\n2. https://support.apple.com/en-us/122717\n3. https://support.apple.com/en-us/122718", "creation_timestamp": "2025-05-13T14:30:41.000000Z"}, {"uuid": "494282de-426a-4104-8825-f41502d9c263", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31229", "type": "seen", "source": "https://bsky.app/profile/pocarosa2381.xiaoyaoniang.com/post/3lvgw72xc7c2o", "content": "", "creation_timestamp": "2025-08-02T19:40:01.208979Z"}, {"uuid": "8c1c74a9-019d-491d-8cf0-0f1c7c8244bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31221", "type": "seen", "source": "Telegram/B6_vWUmFTVCX1yfhELfHqaTN2Gx6ui5cUH0-W9-255yNy0M", "content": "", "creation_timestamp": "2026-04-02T22:17:09.000000Z"}, {"uuid": "b3ea9474-2dde-47cb-b718-843a1ffa090d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31222", "type": "seen", "source": "Telegram/B6_vWUmFTVCX1yfhELfHqaTN2Gx6ui5cUH0-W9-255yNy0M", "content": "", "creation_timestamp": "2026-04-02T22:17:09.000000Z"}, {"uuid": "d96aee4f-4dff-43fe-a08b-1d8c0e4d6167", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31223", "type": "seen", "source": "Telegram/B6_vWUmFTVCX1yfhELfHqaTN2Gx6ui5cUH0-W9-255yNy0M", "content": "", "creation_timestamp": "2026-04-02T22:17:09.000000Z"}, {"uuid": "224d5283-8262-4702-b211-75bfb0e1c84d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31224", "type": "seen", "source": "Telegram/uS-LGh_eIl2lI_O3kT7MFmdoi3VL-1CYgYB6CRF5I8i3PT0", "content": "", "creation_timestamp": "2026-04-02T22:17:20.000000Z"}, {"uuid": "1ebf4517-921e-4a91-a094-18bdce747d8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3122", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10153", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-3122\n\ud83d\udd25 CVSS Score: 2.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability classified as problematic was found in WebAssembly wabt 1.0.36. Affected by this vulnerability is the function BinaryReaderInterp::BeginFunctionBody of the file src/interp/binary-reader-interp.cc. The manipulation leads to null pointer dereference. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-04-02T22:00:14.705Z\n\ud83d\udccf Modified: 2025-04-02T22:00:14.705Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.303013\n2. https://vuldb.com/?ctiid.303013\n3. https://vuldb.com/?submit.525091\n4. https://github.com/WebAssembly/wabt/issues/2565\n5. https://github.com/WebAssembly/wabt/issues/2565#issue-2927572319", "creation_timestamp": "2025-04-02T22:34:42.000000Z"}, {"uuid": "aacad93e-1db2-41c2-b8c1-b376515dc7fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31220", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16065", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31220\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A privacy issue was addressed by removing sensitive data. This issue is fixed in iPadOS 17.7.7, macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. A malicious app may be able to read sensitive location information.\n\ud83d\udccf Published: 2025-05-12T21:43:05.277Z\n\ud83d\udccf Modified: 2025-05-12T21:43:05.277Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/122716\n2. https://support.apple.com/en-us/122405\n3. https://support.apple.com/en-us/122717\n4. https://support.apple.com/en-us/122718", "creation_timestamp": "2025-05-12T22:29:16.000000Z"}, {"uuid": "1da496a6-caeb-43fd-954c-b8b366003627", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3122", "type": "seen", "source": "https://t.me/cvedetector/21914", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-3122 - Microsoft WebAssembly wabt Null Pointer Dereference Remote Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-3122 \nPublished : April 2, 2025, 10:15 p.m. | 20\u00a0minutes ago \nDescription : A vulnerability classified as problematic was found in WebAssembly wabt 1.0.36. Affected by this vulnerability is the function BinaryReaderInterp::BeginFunctionBody of the file src/interp/binary-reader-interp.cc. The manipulation leads to null pointer dereference. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. \nSeverity: 3.1 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-03T01:01:19.000000Z"}, {"uuid": "88012740-47da-4440-9a92-bed25a7ceaf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31225", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16209", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31225\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 18.5 and iPadOS 18.5. Call history from deleted apps may still appear in spotlight search results.\n\ud83d\udccf Published: 2025-05-12T21:42:33.096Z\n\ud83d\udccf Modified: 2025-05-13T19:11:13.061Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/122404", "creation_timestamp": "2025-05-13T19:31:06.000000Z"}, {"uuid": "3565863c-5cba-42ec-b692-2ada1e166e48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31223", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16279", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31223\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption.\n\ud83d\udccf Published: 2025-05-12T21:42:17.904Z\n\ud83d\udccf Modified: 2025-05-14T04:01:02.555Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/122720\n2. https://support.apple.com/en-us/122716\n3. https://support.apple.com/en-us/122404\n4. https://support.apple.com/en-us/122721\n5. https://support.apple.com/en-us/122722\n6. https://support.apple.com/en-us/122719", "creation_timestamp": "2025-05-14T04:31:49.000000Z"}, {"uuid": "e06bd83a-35a3-4db5-a39f-74bf8e033d69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31222", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16276", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31222\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A correctness issue was addressed with improved checks. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. A user may be able to elevate privileges.\n\ud83d\udccf Published: 2025-05-12T21:42:24.325Z\n\ud83d\udccf Modified: 2025-05-14T04:01:07.096Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/122720\n2. https://support.apple.com/en-us/122716\n3. https://support.apple.com/en-us/122404\n4. https://support.apple.com/en-us/122717\n5. https://support.apple.com/en-us/122721\n6. https://support.apple.com/en-us/122722\n7. https://support.apple.com/en-us/122718", "creation_timestamp": "2025-05-14T04:31:46.000000Z"}, {"uuid": "108942b5-dc31-4fdb-bf99-b1d6bd9afd5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31226", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16315", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31226\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A logic issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5. Processing a maliciously crafted image may lead to a denial-of-service.\n\ud83d\udccf Published: 2025-05-12T21:42:49.304Z\n\ud83d\udccf Modified: 2025-05-14T14:20:02.678Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/122720\n2. https://support.apple.com/en-us/122716\n3. https://support.apple.com/en-us/122405\n4. https://support.apple.com/en-us/122404\n5. https://support.apple.com/en-us/122721\n6. https://support.apple.com/en-us/122722", "creation_timestamp": "2025-05-14T14:32:01.000000Z"}, {"uuid": "3f727bab-743b-4585-8985-b50b1a40fb81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31227", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16313", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-31227\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A logic issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5. An attacker with physical access to a device may be able to access a deleted call recording.\n\ud83d\udccf Published: 2025-05-12T21:42:47.675Z\n\ud83d\udccf Modified: 2025-05-14T14:23:51.144Z\n\ud83d\udd17 References:\n1. https://support.apple.com/en-us/122404", "creation_timestamp": "2025-05-14T14:31:59.000000Z"}, {"uuid": "96d69439-3781-48fa-887a-23f6b31c99d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31222", "type": "seen", "source": "https://t.me/true_secator/7025", "content": "Apple \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0442\u0435\u043a\u0435 macOS, iPhone \u0438 iPad, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0440\u044f\u0434\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 RCE.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u0430\u044f iOS 18.5, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u0430\u044f \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u043f\u0430\u0442\u0447\u0430\u043c\u0438 \u0434\u043b\u044f  iPadOS, \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 AppleJPEG \u0438 CoreMedia, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u043c\u0435\u0434\u0438\u0430\u0444\u0430\u0439\u043b\u044b \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0444\u0438\u043a\u0441\u0438\u043b\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 CoreAudio, CoreGraphics \u0438 ImageIO, \u043a\u0430\u0436\u0434\u0430\u044f \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u0430 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0441\u0431\u043e\u044e \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0438\u043b\u0438 \u0443\u0442\u0435\u0447\u043a\u0435 \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0440\u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0435\u043d\u0442\u0430.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 iOS 18.5 \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 9 \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439\nWebKit, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u0430 \u0447\u0435\u0440\u0435\u0437 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442, \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430 \u0438\u043b\u0438 \u0441\u0431\u043e\u044e \u0434\u0432\u0438\u0436\u043a\u0430 Safari.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 \u00ab\u043a\u043d\u043e\u043f\u043a\u0438 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0437\u0432\u0443\u043a\u0430\u00bb \u0432 FaceTime, \u0438\u0437-\u0437\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0430\u0443\u0434\u0438\u043e\u0437\u0430\u043f\u0438\u0441\u044c \u0440\u0430\u0437\u0433\u043e\u0432\u043e\u0440\u0430 \u043c\u043e\u0433\u043b\u0430 \u043e\u0441\u0442\u0430\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0439 \u0434\u0430\u0436\u0435 \u043f\u043e\u0441\u043b\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u043c\u0438\u043a\u0440\u043e\u0444\u043e\u043d\u0430.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Apple, \u0432 iOS 18.5 \u0443\u0441\u0438\u043b\u0435\u043d\u0430 \u0437\u0430\u0449\u0438\u0442\u0430 \u044f\u0434\u0440\u0430 \u0432 \u0447\u0430\u0441\u0442\u0438 \u0434\u0432\u0443\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0441 \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435\u043c \u043f\u0430\u043c\u044f\u0442\u0438 \u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c libexpat (CVE-2024-8176), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0448\u0438\u0440\u043e\u043a\u0438\u0439 \u0441\u043f\u0435\u043a\u0442\u0440 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u0439.\n\n\u0421\u0440\u0435\u0434\u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u0432\u0430\u0436\u043d\u044b\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0438:\n\n- CVE-2025-31214 \u0432 Baseband, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c, \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0438\u043c\u0441\u044f \u0432 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u043f\u043e\u043b\u043e\u0436\u0435\u043d\u0438\u0438 \u0432 \u0441\u0435\u0442\u0438, \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u0442\u0440\u0430\u0444\u0438\u043a \u043d\u0430 \u043d\u043e\u0432\u043e\u0439 \u043b\u0438\u043d\u0435\u0439\u043a\u0435 iPhone 16e; \n- EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 mDNSResponder (CVE-2025-31222);\n- \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432 Notes, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0434\u0430\u043d\u043d\u044b\u0435 \u0441 \u0437\u0430\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u044d\u043a\u0440\u0430\u043d\u0430 iPhone;\n- \u0430 \u0442\u0430\u043a\u0436\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0432 FrontBoard, iCloud Document Sharing \u0438 Mail Addressing.\n\nApple \u043d\u0435 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u0442 \u043e \u0442\u043e\u043c, \u0447\u0442\u043e \u043a\u0430\u043a\u0438\u0435-\u043b\u0438\u0431\u043e \u043e\u0448\u0438\u0431\u043a\u0438 \u0431\u044b\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 iOS 18.5 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0434\u043b\u044f iPhone XS \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439; \u0441\u043e\u043f\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0439 \u0432\u044b\u043f\u0443\u0441\u043a iPadOS \u043e\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0435\u0442 iPad Pro (2018 \u0438 \u043d\u043e\u0432\u0435\u0435), iPad Air 3, iPad 7, iPad mini 5 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0435 \u043c\u043e\u0434\u0435\u043b\u0438.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u043a\u0440\u0443\u043f\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f macOS Sequoia, macOS Sonoma, macOS Ventura, WatchOS, tvOS \u0438 visionOS.", "creation_timestamp": "2025-05-13T12:40:08.000000Z"}, {"uuid": "8300d4c6-72c8-4358-ae4d-1df891b5fa51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-31222", "type": "seen", "source": "https://t.me/CyberBulletin/3256", "content": "\u26a1\ufe0fBeneath the interface, Apple said iOS 18.5 hardens the kernel against two memory-corruption issues and cleans up a libexpat flaw (CVE-2024-8176) that affects a broad range of software projects. \n\nOther notable fixes include an issue in Baseband (CVE-2025-31214) that allows attackers in a privileged network position to intercept traffic on the new iPhone 16e line; a privilege escalation bug in mDNSResponder (CVE-2025-31222); an issue in Notes that expose data from a locked iPhone screen; and security gaps in FrontBoard, iCloud Document Sharing, and Mail Addressing.\n\n#CyberBulletin", "creation_timestamp": "2025-05-13T04:32:06.000000Z"}]}