CVE-2025-24167
CRITICALDescription
This issue was addressed through improved state management. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, watchOS 11.4. A download's origin may be incorrectly associated.
Is your site exposed to CVE-2025-24167?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Affected Products
| Vendor | Product |
|---|---|
| apple | safari |
| apple | ipados |
| apple | iphone_os |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-24167? +
How severe is CVE-2025-24167? +
What products are affected by CVE-2025-24167? +
How do I check if I'm vulnerable to CVE-2025-24167? +
Related Vulnerabilities
A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15. An app may …
This issue was addressed with improved validation of file attributes. This issue is fixed in macOS Sequoia 15. An app …
Use after free in Browser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer …
An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in Safari 18.3.1, …
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.3 and iPadOS …
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.8.5 and iPadOS 15.8.5, …