CVE-2025-31276
MEDIUM | Platform: iPadOS | Changelog
CVE Details
Description
This issue was addressed through improved state management. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9. Remote content may be loaded even when the ‘Load Remote Images’ setting is turned off.
CVSS 3.1 Score
| Metric | Value |
|---|---|
| Base Score | 5.3 (MEDIUM) |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Weakness
References
- Apple Security Advisory
- NVD Entry
- https://support.apple.com/en-us/124148 (Release Notes, Vendor Advisory)
- http://seclists.org/fulldisclosure/2025/Jul/31