{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-46316", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2025-04-22T21:13:49.961Z", "datePublished": "2026-01-28T17:26:19.018Z", "dateUpdated": "2026-04-02T18:17:30.165Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "Processing a maliciously crafted Pages document may result in unexpected termination or disclosure of process memory"}]}], "affected": [{"vendor": "Apple", "product": "Pages", "versions": [{"version": "0", "status": "affected", "lessThan": "15.1", "versionType": "custom"}]}, {"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"version": "0", "status": "affected", "lessThan": "26.1", "versionType": "custom"}]}, {"vendor": "Apple", "product": "macOS", "versions": [{"version": "0", "status": "affected", "lessThan": "26.1", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in Pages 15.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1. Processing a maliciously crafted Pages document may result in unexpected termination or disclosure of process memory."}], "references": [{"url": "https://support.apple.com/en-us/125632"}, {"url": "https://support.apple.com/en-us/125634"}, {"url": "https://support.apple.com/en-us/126255"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-04-02T18:17:30.165Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-125", "lang": "en", "description": "CWE-125 Out-of-bounds Read"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-01-28T19:19:47.595598Z", "id": "CVE-2025-46316", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-28T19:19:57.133Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-46316", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-28T19:19:47.595598Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125 Out-of-bounds Read"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-28T19:19:20.350Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "26.1", "versionType": "custom"}]}, {"vendor": "Apple", "product": "Pages", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "15.1", "versionType": "custom"}]}, {"vendor": "Apple", "product": "iOS and iPadOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "26.1", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/125634"}, {"url": "https://support.apple.com/en-us/126255"}, {"url": "https://support.apple.com/en-us/125632"}], "descriptions": [{"lang": "en", "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 26.1 and iPadOS 26.1, Pages 15.1, macOS Tahoe 26.1. Processing a maliciously crafted Pages document may result in unexpected termination or disclosure of process memory."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Processing a maliciously crafted Pages document may result in unexpected termination or disclosure of process memory"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-01-28T17:26:19.018Z"}}}, "cveMetadata": {"cveId": "CVE-2025-46316", "state": "PUBLISHED", "dateUpdated": "2026-01-28T19:19:57.133Z", "dateReserved": "2025-04-22T21:13:49.961Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2026-01-28T17:26:19.018Z", "assignerShortName": "apple"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apple:pages:*:*:*:*:*:*:*:*", "matchCriteriaId": "E1BE8D75-38AC-4D79-A873-A8625BB5C661", "versionEndExcluding": "15.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "matchCriteriaId": "6D51AEDC-9086-4010-B3BF-C652D65D09C8", "versionEndExcluding": "26.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "3981A7BE-BC98-4C6F-AE38-D68839368925", "versionEndExcluding": "26.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "081B6CCE-FFA4-409C-9353-15014F3AF436", "versionEndExcluding": "26.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in Pages 15.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1. Processing a maliciously crafted Pages document may result in unexpected termination or disclosure of process memory."}, {"lang": "es", "value": "Se solucion\u00f3 un error de lectura fuera de l\u00edmites con una validaci\u00f3n de entrada mejorada. Este problema se solucion\u00f3 en iOS 26.1 y iPadOS 26.1, Pages 15.1, macOS Tahoe 26.1. Al procesar un documento de Pages creado con fines maliciosos se puede provocar una terminaci\u00f3n inesperada o la divulgaci\u00f3n de la memoria del proceso."}], "id": "CVE-2025-46316", "lastModified": "2026-04-02T19:21:06.770", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-01-28T18:16:49.350", "references": [{"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/125632"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/125634"}, {"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/126255"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-27T21:07:42.848235+00:00", "value": {"mitigation_remediation": ["Update to Pages\u202f15.1, iOS\u202f26.1, iPadOS\u202f26.1, and macOS\u202fTahoe\u202f26.1.", "If an update cannot be applied immediately, do not open or execute unknown Pages files.", "Ensure your device receives future Apple security updates by keeping the system external sources enabled."], "summary": {"action": "Apply Update", "impact": "Memory disclosure or application crash"}, "threat_synthesis": {"affected_systems": "The vulnerability targets Apple Pages as well as the iOS, iPadOS, and macOS operating systems. The issue is resolved in Pages 15.1, iOS 26.1, iPadOS 26.1, and macOS Tahoe 26.1. Any earlier releases of these products are therefore susceptible, although the CVE does not list specific pre\u2011patch versions.", "description_and_impact": "An out\u2011of\u2011bounds read was discovered in Apple Pages and several Apple operating systems. The flaw permits a process that parses a maliciously crafted Pages document to read data beyond its intended buffer. The unintended read can cause the application to terminate unexpectedly or expose portions of the process memory, potentially leaking sensitive information. The weakness corresponds to CWE\u2011125, confirming a lack of proper bounds checking.", "risk_and_exploitability": "The CVSS score of 4.3 classifies this vulnerability as moderate, and the EPSS score of less than 1% indicates a very low likelihood of exploitation at the time of this analysis. It is not included in the CISA KEV catalog. The attack vector is inferred to be local: a malicious Pages document must be opened by a user or processed by a third\u2011party application that handles such files. No additional environmental prerequisites are specified in the CVE data."}}}}, "created": "2026-01-29T09:09:21.360218+00:00", "title": "Out\u2011of\u2011Bounds Read in Apple Pages and Apple OS Leading to Application Crash or Memory Disclosure", "updated": "2026-04-27T21:15:05.544882+00:00", "vendors": ["apple", "apple$PRODUCT$ios", "apple$PRODUCT$ipados", "apple$PRODUCT$macos_tahoe", "apple$PRODUCT$pages"]}