Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Primary

Context

Apple WebKit Integer Overflow Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Exploited

Patched

An integer overflow vulnerability has been identified in the WebKit component of multiple Apple products, including iOS, iPadOS, macOS, tvOS, and Safari. This vulnerability arises from inadequate input validation, which can be exploited by processing maliciously crafted web content, leading to arbitrary code execution. The issue has been actively exploited in the wild.

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the affected device or application.

Remediation

Users can update to iOS 14.5.1, iPadOS 14.5.1, tvOS 14.6, macOS Big Sur 11.3.1, or Safari 14.1.1 to address this vulnerability.

Added: May 15, 2026, 10:30 AM

Updated: May 15, 2026, 10:30 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

7.5

exploitability

5.3

remediation

7.7

relevance

0.0

threat

8.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

7.5

exploitability

5.3

remediation

7.7

relevance

0.0

threat

8.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Actively Exploited in the Wild

Apple WebKit Integer Overflow Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Impact

Remediation

Affected Products

Apple iOS

Apple iPadOS

Apple tvOS

Apple Safari

Apple macOS Big Sur

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating