Threat Intelligence
Apple vulnerability tracking — CISA KEV, NIST NVD, and SOFA actively exploited CVEs
DEFCON 1 — ACTIVE THREATS — PATCH IMMEDIATELY
CISA KEV: 1 added last 7 days | 1 last 30 days | 87 total Apple entries
Threat Triangle
CISA Known Exploited Vulnerabilities
| CVE | Product | Added |
|---|---|---|
| CVE-2026-20700 | Multiple Products | 2026-02-12 |
Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability
Apple iOS, iPadOS, and macOS ImageIO Buffer Overflow Vulnerability
Apple macOS Use-After-Free Vulnerability
Apple iOS, iPadOS, and macOS IOSurfaceAccelerator Out-of-Bounds Write Vulnerability
Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability
Apple iOS, iPadOS, and macOS Remote Code Execution Vulnerability
Apple iOS, iPadOS, and macOS Input Validation Vulnerability
Apple iOS, macOS, watchOS Sandbox Bypass Vulnerability
Apple iOS and macOS Out-of-Bounds Write Vulnerability
Apple iOS and macOS Out-of-Bounds Write Vulnerability
Apple macOS Out-of-Bounds Write Vulnerability
Apple macOS Out-of-Bounds Read Vulnerability
Apple iOS, iPadOS, and macOS Webkit Use-After-Free Vulnerability
Apple OS X Authentication Bypass Vulnerability
Apple OS X Heap-Based Buffer Overflow Vulnerability
Apple iOS and iPadOS Incorrect Authorization Vulnerability
Apple iOS and iPadOS Kernel Privilege Escalation Vulnerability
Apple iOS, iPadOS, and watchOS Wallet Code Execution Vulnerability
Apple iOS Type Confusion Vulnerability
Apple iOS and iPadOS Out-of-Bounds Write Vulnerability
Apple iOS and iPadOS Buffer Overflow Vulnerability
Apple iOS Information Disclosure Vulnerability
Apple iOS Memory Corruption Vulnerability
Apple iOS Webkit Memory Corruption Vulnerability
Apple iOS Memory Corruption Vulnerability
Apple iOS, iPadOS, and watchOS Out-of-Bounds Write Vulnerability
Apple iOS, iPadOS, and watchOS Memory Corruption Vulnerability
Apple iOS WebKit Use-After-Free Vulnerability
Apple iOS, iPadOS, and watchOS WebKit Cross-Site Scripting (XSS) Vulnerability
Apple iOS WebKit Buffer Overflow Vulnerability
NIST NVD — Recent Apple CVEs (90 Days)
| CVE | Score | Severity |
|---|---|---|
| CVE-2026-2313 | 8.8 | HIGH |
| CVE-2026-2314 | 8.8 | HIGH |
| CVE-2026-2315 | 8.8 | HIGH |
| CVE-2026-2316 | 6.5 | MEDIUM |
| CVE-2026-2317 | 6.5 | MEDIUM |
| CVE-2026-2318 | 6.5 | MEDIUM |
| CVE-2026-2319 | 7.5 | HIGH |
| CVE-2026-2320 | 6.5 | MEDIUM |
| CVE-2026-2321 | 8.8 | HIGH |
| CVE-2026-2322 | 5.4 | MEDIUM |
| CVE-2026-2323 | 4.3 | MEDIUM |
| CVE-2025-43403 | 5.5 | MEDIUM |
| CVE-2025-43417 | 5.5 | MEDIUM |
| CVE-2025-46290 | 7.5 | HIGH |
| CVE-2025-46300 | 5.7 | MEDIUM |
| CVE-2025-46301 | 5.7 | MEDIUM |
| CVE-2025-46302 | 5.7 | MEDIUM |
| CVE-2025-46303 | 5.7 | MEDIUM |
| CVE-2025-46304 | 5.7 | MEDIUM |
| CVE-2025-46305 | 5.7 | MEDIUM |
| CVE-2025-46310 | 6 | MEDIUM |
| CVE-2026-20601 | 3.3 | LOW |
| CVE-2026-20602 | 5.5 | MEDIUM |
| CVE-2026-20603 | 4.4 | MEDIUM |
| CVE-2026-20605 | 4.6 | MEDIUM |
| CVE | Score | Severity |
|---|---|---|
| CVE-2025-43537 | 5.5 | MEDIUM |
| CVE-2025-46300 | 5.7 | MEDIUM |
| CVE-2025-46301 | 5.7 | MEDIUM |
| CVE-2025-46302 | 5.7 | MEDIUM |
| CVE-2025-46303 | 5.7 | MEDIUM |
| CVE-2025-46304 | 5.7 | MEDIUM |
| CVE-2025-46305 | 5.7 | MEDIUM |
| CVE-2026-20605 | 4.6 | MEDIUM |
| CVE-2026-20606 | 7.1 | HIGH |
| CVE-2026-20608 | 5.5 | MEDIUM |
| CVE-2026-20609 | 4.4 | MEDIUM |
| CVE-2026-20611 | 7.1 | HIGH |
| CVE-2026-20615 | 7.8 | HIGH |
| CVE-2026-20617 | 7 | HIGH |
| CVE-2026-20626 | 7.8 | HIGH |
| CVE-2026-20627 | 5.5 | MEDIUM |
| CVE-2026-20634 | 5.5 | MEDIUM |
| CVE-2026-20635 | 4.3 | MEDIUM |
| CVE-2026-20638 | 5.5 | MEDIUM |
| CVE-2026-20644 | 6.5 | MEDIUM |
| CVE-2026-20645 | 4.6 | MEDIUM |
| CVE-2026-20649 | 7.5 | HIGH |
| CVE-2026-20650 | 7.5 | HIGH |
| CVE-2026-20652 | 7.5 | HIGH |
| CVE-2026-20653 | 5.5 | MEDIUM |