About the security content of iOS 18.4 and iPadOS 18.4 - Apple Support

For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security releases page.

Apple security documents reference vulnerabilities by CVE-ID when possible.

For more information about security, see the Apple Product Security page.

Released March 31, 2025

Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later

Impact: An app may be able to access sensitive user data

Description: A logging issue was addressed with improved data redaction.

CVE-2025-24202: Zhongcheng Li from IES Red Team of ByteDance

Impact: Sensitive keychain data may be accessible from an iOS backup

Description: This issue was addressed with improved data access restriction.

CVE-2025-24221: Lehan Dilusha (@zafer), and an anonymous researcher

Entry updated May 28, 2025

Impact: An app may be able to read arbitrary file metadata

Description: A permissions issue was addressed with additional restrictions.

CVE-2025-24097: Ron Masas of BREAKPOINT.SH

Impact: An unauthenticated user on the same network as a signed-in Mac could send it AirPlay commands without pairing

Description: An access issue was addressed with improved access restrictions.

CVE-2025-24271: Uri Katz (Oligo Security)

Entry added April 28, 2025

Impact: An attacker on the local network may be able to leak sensitive user information

Description: This issue was addressed by removing the vulnerable code.

CVE-2025-24270: Uri Katz (Oligo Security)

Entry added April 28, 2025

Impact: An attacker on the local network may be able to cause a denial-of-service

Description: A null pointer dereference was addressed with improved input validation.

CVE-2025-31202: Uri Katz (Oligo Security)

Entry added April 28, 2025

Impact: An attacker on the local network may cause an unexpected app termination

Description: A use-after-free issue was addressed with improved memory management.

CVE-2025-24252: Uri Katz (Oligo Security)

Entry added April 28, 2025

Impact: An attacker on the local network may be able to bypass authentication policy

Description: An authentication issue was addressed with improved state management.

CVE-2025-24206: Uri Katz (Oligo Security)

Entry added April 28, 2025

Impact: An attacker on the local network may cause an unexpected app termination

Description: A type confusion issue was addressed with improved checks.

CVE-2025-30445: Uri Katz (Oligo Security)

Entry added April 28, 2025

Impact: An attacker on the local network may cause an unexpected app termination

Description: The issue was addressed with improved checks.

CVE-2025-24251: Uri Katz (Oligo Security)

CVE-2025-31197: Uri Katz (Oligo Security)

Entry added April 28, 2025

Impact: An app may be able to bypass ASLR

Description: An out-of-bounds access issue was addressed with improved bounds checking.

CVE-2025-43205: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative

Entry added July 29, 2025

Impact: Processing a maliciously crafted font may result in the disclosure of process memory

Description: The issue was addressed with improved memory handling.

CVE-2025-24244: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative

Impact: Processing a maliciously crafted file may lead to arbitrary code execution

Description: The issue was addressed with improved memory handling.

CVE-2025-24243: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative

Impact: Password autofill may fill in passwords after failing authentication

Description: This issue was addressed through improved state management.

CVE-2025-30430: Dominik Rath

Impact: A malicious website may be able to claim WebAuthn credentials from another website that shares a registrable suffix

Description: The issue was addressed with improved input validation.

CVE-2025-24180: Martin Kreichgauer of Google Chrome

Impact: An app may be able to cause unexpected system termination

Description: A buffer overflow was addressed with improved bounds checking.

CVE-2025-24237: Yutong Xiu (@Sou1gh0st)

Entry updated May 28, 2025

Impact: An app may be able to break out of its sandbox

Description: A path handling issue was addressed with improved validation.

CVE-2025-30429: Denis Tokarev (@illusionofcha0s)

Impact: An app may be able to break out of its sandbox

Description: This issue was addressed with improved checks.

CVE-2025-24212: Denis Tokarev (@illusionofcha0s)

Impact: Parsing a file may lead to an unexpected app termination

Description: The issue was addressed with improved checks.

CVE-2025-24163: Google Threat Analysis Group

Impact: Playing a malicious audio file may lead to an unexpected app termination

Description: An out-of-bounds read issue was addressed with improved input validation.

CVE-2025-24230: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative

Impact: Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents

Description: An out-of-bounds read was addressed with improved input validation.

CVE-2025-31196: wac working with Trend Micro Zero Day Initiative

Entry added May 28, 2025

Impact: Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory

Description: This issue was addressed with improved memory handling.

CVE-2025-24211: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative

Impact: Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory

Description: The issue was addressed with improved memory handling.

CVE-2025-24190: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative

Impact: A malicious app may be able to access private information

Description: A path handling issue was addressed with improved validation.

CVE-2025-30454: pattern-f (@pattern_F_)

Impact: An app may be able to access sensitive user data

Description: This issue was addressed through improved state management.

CVE-2025-31191: Jonathan Bar Or (@yo_yo_yo_jbo) of Microsoft, and an anonymous researcher

Impact: Processing a maliciously crafted font may result in the disclosure of process memory

Description: An out-of-bounds read issue was addressed with improved input validation.

CVE-2025-24182: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative

Impact: An attacker on the local network may be able to cause a denial-of-service

Description: An integer overflow was addressed with improved input validation.

CVE-2025-31203: Uri Katz (Oligo Security)

Entry added April 28, 2025

Impact: An input validation issue was addressed

Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.

CVE-2024-9681

Impact: An app may be able to gain root privileges

Description: A parsing issue in the handling of directory paths was addressed with improved path validation.

CVE-2025-30456: Gergely Kalman (@gergely_kalman)

Impact: An attacker with physical access to a locked device may be able to view sensitive user information

Description: The issue was addressed with improved checks.

CVE-2025-30439: Andr.Ess

Impact: An app may be able to access sensitive user data

Description: A logging issue was addressed with improved data redaction.

CVE-2025-24283: Kirin (@Pwnrin)

Impact: An app may be able to access sensitive user data

Description: The issue was resolved by sanitizing logging

CVE-2025-30447: LFY@secsys from Fudan University

Impact: An app may be able to access sensitive user data

Description: The issue was addressed with improved restriction of data container access.

CVE-2025-30463: mzzzz__

Impact: Parsing an image may lead to disclosure of user information

Description: A logic error was addressed with improved error handling.

CVE-2025-24210: Anonymous working with Trend Micro Zero Day Initiative

Impact: An app may be able to cause unexpected system termination or write kernel memory

Description: An out-of-bounds write issue was addressed with improved input validation.

CVE-2025-24257: Wang Yu of Cyberserval

Impact: Processing a maliciously crafted file may lead to a cross site scripting attack

Description: The issue was addressed with improved input sanitization.

CVE-2025-30434: Muhammad Zaid Ghifari (Mr.ZheeV) and Kalimantan Utara

Impact: A malicious app may be able to attempt passcode entries on a locked device and thereby cause escalating time delays after 4 failures

Description: A logic issue was addressed with improved state management.

CVE-2025-30432: Michael (Biscuit) Thomas - @biscuit@social.lol

Impact: An app may be able to modify protected parts of the file system

Description: The issue was addressed with improved checks.

CVE-2025-24203: Ian Beer of Google Project Zero

Entry added November 11, 2025

Impact: An input validation issue was addressed

Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.

CVE-2024-48958

Impact: Processing maliciously crafted web content may result in the disclosure of process memory

Description: A logic issue was addressed with improved checks.

CVE-2025-24194: an anonymous researcher

Impact: Parsing a file may lead to an unexpected app termination

Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.

CVE-2025-27113

CVE-2024-56171

Impact: An app may be able to break out of its sandbox

Description: This issue was addressed through improved state management.

CVE-2025-24178: an anonymous researcher

Impact: An app may be able to delete files for which it does not have permission

Description: This issue was addressed with improved handling of symlinks.

CVE-2025-31182: Alex Radocea and Dave G. of Supernetworks, 风沐云烟(@binary_fmyy) and Minghao Lin(@Y1nKoc)

Impact: An app may be able to gain elevated privileges

Description: A logic issue was addressed with improved checks.

CVE-2025-24238: an anonymous researcher

Impact: An app may be able to access sensitive user data

Description: A logging issue was addressed with improved data redaction.

CVE-2025-31199: Jonathan Bar Or (@yo_yo_yo_jbo) of Microsoft, Alexia Wilson of Microsoft, Christine Fossaceca of Microsoft

Entry added May 28, 2025

Impact: An app may be able to read sensitive location information

Description: A path handling issue was addressed with improved logic.

CVE-2025-30470: LFY@secsys from Fudan University

Available for: iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 4th generation and later, iPad 10th generation and later, and iPad mini 6th generation and later

Impact: An attacker with a USB-C connection to an unlocked device may be able to programmatically access photos

Description: This issue was addressed with improved authentication.

CVE-2025-24193: Florian Draschbacher

Impact: An app may be able to enumerate a user's installed apps

Description: This issue was addressed with additional entitlement checks.

CVE-2025-30426: Jimmy

Impact: Photos in the Hidden Photos Album may be viewed without authentication

Description: This issue was addressed through improved state management.

CVE-2025-30428: Jax Reissner

Impact: A person with physical access to an iOS device may be able to access photos from the lock screen

Description: This issue was addressed through improved state management.

CVE-2025-30469: Dalibor Milanovic

Impact: An app may be able to break out of its sandbox

Description: This issue was addressed with additional entitlement checks.

CVE-2025-24173: Mickey Jin (@patch1t)

Impact: An app may be able to bypass Privacy preferences

Description: This issue was addressed with additional entitlement checks.

CVE-2025-24095: Mickey Jin (@patch1t)

Impact: A website may be able to bypass Same Origin Policy

Description: This issue was addressed through improved state management.

CVE-2025-30466: Jaydev Ahire, @RenwaX23

Entry added May 28, 2025

Impact: Visiting a malicious website may lead to user interface spoofing

Description: The issue was addressed with improved UI.

CVE-2025-24113: @RenwaX23

Impact: Visiting a malicious website may lead to address bar spoofing

Description: The issue was addressed with improved checks.

CVE-2025-30467: @RenwaX23

Impact: A website may be able to access sensor information without user consent

Description: The issue was addressed with improved checks.

CVE-2025-31192: Jaydev Ahire

Impact: A download's origin may be incorrectly associated

Description: This issue was addressed through improved state management.

CVE-2025-24167: Syarif Muhammad Sajjad

Impact: An app may be able to read a persistent device identifier

Description: A permissions issue was addressed with additional restrictions.

CVE-2025-24220: Wojciech Regula of SecuRing (wojciechregula.blog)

Entry added May 12, 2025

Impact: A remote user may be able to cause a denial-of-service

Description: A validation issue was addressed with improved logic.

CVE-2025-30471: Bing Shi, Wenchao Li, Xiaolong Bai of Alibaba Group, Luyi Xing of Indiana University Bloomington

Impact: A malicious app may be able to dismiss the system notification on the Lock Screen that a recording was started

Description: This issue was addressed with improved access restrictions.

CVE-2025-30438: Halle Winkler, Politepix theoffcuts.org

Impact: A shortcut may be able to access files that are normally inaccessible to the Shortcuts app

Description: This issue was addressed with improved access restrictions.

CVE-2025-30433: Andrew James Gonzalez

Impact: An attacker may be able to use Siri to enable Auto-Answer Calls

Description: This issue was addressed by restricting options offered on a locked device.

CVE-2025-30436: Abhay Kailasia (@abhay_kailasia) from C-DAC Thiruvananthapuram India, Chi Yuan Chang of ZUSO ART and taikosoup

Entry added May 12, 2025

Impact: An app may be able to access sensitive user data

Description: The issue was addressed with improved restriction of data container access.

CVE-2025-31183: Kirin (@Pwnrin), Bohdan Stasiuk (@bohdan_stasiuk)

Impact: An app may be able to access sensitive user data

Description: This issue was addressed with improved redaction of sensitive information.

CVE-2025-24217: Kirin (@Pwnrin)

Impact: An app may be able to access sensitive user data

Description: A privacy issue was addressed by not logging contents of text fields.

CVE-2025-24214: Kirin (@Pwnrin)

Impact: An app may be able to access user-sensitive data

Description: An authorization issue was addressed with improved state management.

CVE-2025-24205: YingQi Shi(@Mas0nShi) of DBAppSecurity's WeBin lab and Minghao Lin (@Y1nKoc)

Impact: An attacker with physical access may be able to use Siri to access sensitive user data

Description: This issue was addressed by restricting options offered on a locked device.

CVE-2025-24198: Richard Hyunho Im (@richeeta) with routezero.security

Impact: An app may gain unauthorized access to Local Network

Description: This issue was addressed with improved permissions checking.

CVE-2025-31184: Alexander Heinrich (@Sn0wfreeze), SEEMOO, TU Darmstadt & Mathy Vanhoef (@vanhoefm) and Jeroen Robben (@RobbenJeroen), DistriNet, KU Leuven

Impact: Visiting a website may leak sensitive data

Description: A script imports issue was addressed with improved isolation.

CVE-2025-24192: Vsevolod Kokorin (Slonser) of Solidlab

Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash

Description: The issue was addressed with improved memory handling.

WebKit Bugzilla: 285892

CVE-2025-24264: Gary Kwong, and an anonymous researcher

WebKit Bugzilla: 284055

CVE-2025-24216: Paul Bakker of ParagonERP

Impact: Processing maliciously crafted web content may lead to an unexpected process crash

Description: A buffer overflow issue was addressed with improved memory handling.

WebKit Bugzilla: 286462

CVE-2025-24209: Francisco Alonso (@revskills), and an anonymous researcher

Impact: Loading a malicious iframe may lead to a cross-site scripting attack

Description: A permissions issue was addressed with additional restrictions.

WebKit Bugzilla: 286381

CVE-2025-24208: Muhammad Zaid Ghifari (Mr.ZheeV) and Kalimantan Utara

Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash

Description: A use-after-free issue was addressed with improved memory management.

WebKit Bugzilla: 285643

CVE-2025-30427: rheza (@ginggilBesel)

Impact: A malicious website may be able to track users in Safari private browsing mode

Description: This issue was addressed through improved state management.

WebKit Bugzilla: 286580

CVE-2025-30425: an anonymous researcher

We would like to acknowledge Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College of Technology Bhopal India, Andr.Ess, Richard Hyunho Im (@richeeta) with routezero.security, shane gallagher for their assistance.

We would like to acknowledge Bohdan Stasiuk (@bohdan_stasiuk) for their assistance.

We would like to acknowledge Byron Fecho for their assistance.

We would like to acknowledge Anonymous, Dohyun Lee (@l33d0hyun) of USELab, Korea University & Youngho Choi of CEL, Korea University & Geumhwan Cho of USELab, Korea University for their assistance.

We would like to acknowledge 神罚(@Pwnrin) for their assistance.

We would like to acknowledge Jann Horn of Google Project Zero for their assistance.

We would like to acknowledge Kirin and FlowerCode for their assistance.

We would like to acknowledge Kirin@Pwnrin and LFY@secsys from Fudan University for their assistance.

We would like to acknowledge Hasan Sheet for their assistance.

We would like to acknowledge D4m0n for their assistance.

We would like to acknowledge Doria Tang, Ka Lok Wu, Prof. Sze Yiu Chau of The Chinese University of Hong Kong, K宝 and LFY@secsys from Fudan University for their assistance.

We would like to acknowledge parkminchan from Korea Univ. for their assistance.

We would like to acknowledge Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College of Technology Bhopal India for their assistance.

We would like to acknowledge Stephan Davidson, Tim van Dijen of SimpleSAMLphp for their assistance.

We would like to acknowledge Abhay Kailasia (@abhay_kailasia) from LNCT Bhopal and C-DAC Thiruvananthapuram India, Abhishek Kanaujia, Bistrit Dahal, Dalibor Milanovic, Himanshu Bharti, Srijan Poudel for their assistance.

We would like to acknowledge Aakash Rayapur, Abhishek Bansal, Ahmed Mahrous, Bistrit Dahal, Finley Drewery, Henning Petersen, J T, Nilesh Mourya, Pradip Bhattarai, Pranav Bantawa and Pranay Bantawa, Sai Tarun Aili, Stephen J Lalremruata, Вячеслав Погорелов, and an anonymous researcher for their assistance.

Entry updated November 11, 2025

We would like to acknowledge George Bafaloukas (george.bafaloukas@pingidentity.com) and Shri Hunashikatti (sshpro9@gmail.com) for their assistance.

We would like to acknowledge Alisha Ukani, Pete Snyder, Alex C. Snoeren for their assistance.

We would like to acknowledge Charlie Robinson for their assistance.

We would like to acknowledge Benjamin Hornbeck for their assistance.

We would like to acknowledge Marc Schoenefeld, Dr. rer. nat. for their assistance.

We would like to acknowledge Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College of Technology Bhopal India for their assistance.

We would like to acknowledge Kevin Jones (GitHub) for their assistance.

We would like to acknowledge Abhay Kailasia (@abhay_kailasia) from C-DAC Thiruvananthapuram India, Joaquin Ruano Campos, Lucas Monteiro for their assistance.

We would like to acknowledge Chi Yuan Chang of ZUSO ART and taikosoup, and an anonymous researcher for their assistance.

We would like to acknowledge Lyutoon for their assistance.

We would like to acknowledge Joshua van Rijswijk, Micheal ogaga, hitarth shah for their assistance.

We would like to acknowledge J T, Richard Hyunho Im (@r1cheeta), Suraj Sawant for their assistance.

We would like to acknowledge K宝(@Pwnrin) for their assistance.

We would like to acknowledge Aqib Imran for their assistance.

We would like to acknowledge Gary Kwong, Jesse Stolwijk, P1umer (@p1umer) and Q1IQ (@q1iqF), Wai Kin Wong, Dongwei Xiao, Shuai Wang and Daoyuan Wu of HKUST Cybersecurity Lab, Anthony Lai(@darkfloyd1014) of VXRL, Wong Wai Kin, Dongwei Xiao and Shuai Wang of HKUST Cybersecurity Lab, Anthony Lai (@darkfloyd1014) of VXRL., Xiangwei Zhang of Tencent Security YUNDING LAB, 냥냥, and an anonymous researcher for their assistance.

We would like to acknowledge Richard Hyunho Im (@richeeta) with Route Zero Security for their assistance.

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.

Published Date: November 11, 2025