{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-31280", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2025-03-27T16:13:58.345Z", "datePublished": "2025-07-29T23:35:11.230Z", "dateUpdated": "2026-04-02T18:10:03.631Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "Processing a maliciously crafted file may lead to heap corruption"}]}], "affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"version": "0", "status": "affected", "lessThan": "15.6", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted file may lead to heap corruption."}], "references": [{"url": "https://support.apple.com/en-us/124149"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-04-02T18:10:03.631Z"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-31280", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-07-31T03:56:08.247992Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow"}]}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-26T17:50:09.441Z"}}, {"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2025/Jul/32"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T19:53:03.260Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2025/Jul/32"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T19:53:03.260Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-31280", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-07-31T03:56:08.247992Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-30T13:27:05.536Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "15.6", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/124149"}], "descriptions": [{"lang": "en", "value": "A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted file may lead to heap corruption."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Processing a maliciously crafted file may lead to heap corruption"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2025-07-29T23:54:09.993Z"}}}, "cveMetadata": {"cveId": "CVE-2025-31280", "state": "PUBLISHED", "dateUpdated": "2025-11-03T19:53:03.260Z", "dateReserved": "2025-03-27T16:13:58.345Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2025-07-29T23:35:11.230Z", "assignerShortName": "apple"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "077E4BB7-4A8B-4D18-BCD7-2938A2B8B9C8", "versionEndExcluding": "15.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted file may lead to heap corruption."}, {"lang": "es", "value": "Se solucion\u00f3 un problema de corrupci\u00f3n de memoria mejorando la validaci\u00f3n. Este problema se solucion\u00f3 en macOS Sequoia 15.6. Procesar un archivo manipulado con fines maliciosos puede provocar corrupci\u00f3n en el mont\u00f3n."}], "id": "CVE-2025-31280", "lastModified": "2025-11-03T20:18:25.317", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-07-30T00:15:31.163", "references": [{"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/124149"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2025/Jul/32"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-122"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-28T10:59:39.577082+00:00", "value": {"mitigation_remediation": ["Update macOS to Sequoia\u202f15.6 or later to apply the patch.", "Minimize exposure of the system to untrusted or unknown files; use secure file handling practices to avoid opening potentially malicious documents.", "Maintain Gatekeeper and other macOS security features that restrict unauthorized code execution as an additional safeguard.", "Report suspicious files or behaviors to Apple Security for analysis."], "summary": {"action": "Patch", "impact": "Heap Corruption"}, "threat_synthesis": {"affected_systems": "Apple\u2019s macOS operating system is vulnerable on all releases prior to macOS Sequoia\u202f15.6; the issue has been resolved in Sequoia\u202f15.6 and later versions.", "description_and_impact": "A memory corruption flaw in macOS triggers heap corruption when a maliciously crafted file is processed. The description does not state that arbitrary code execution is guaranteed, but the type of vulnerability (CWE\u2011122) could potentially be leveraged for unintended memory manipulation or execution if an attacker succeeds. The impact therefore revolves around integrity and possible control of the affected system.", "risk_and_exploitability": "The CVSS score of 7.8 indicates high severity, yet the EPSS score of less than 1% suggests a low probability of current exploitation. The vulnerability is not listed in the CISA KEV catalog. Exploitation would likely require local access to supply a specially crafted file; an attacker would need to deliver or induce the system to open such a file. No publicly available exploit is documented, and no workaround is provided."}}}}, "created": "2025-07-31T09:15:41.255443+00:00", "title": "Memory Corruption Vulnerability in macOS via Malicious File", "updated": "2026-04-28T11:00:14.186776+00:00", "vendors": ["apple", "apple$PRODUCT$macos", "apple$PRODUCT$sequoia"]}