The Cybersecurity and Infrastructure Security Agency (CISA) has added three Apple vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, confirming they have been actively exploited in the wild.
The vulnerabilities were added to the catalog on March 5, 2026, requiring federal agencies to remediate them by specific deadlines under CISA’s Binding Operational Directive (BOD) 26-04:
- CVE-2023-43000 — Use-After-Free vulnerability affecting multiple Apple products
- CVE-2021-30952 — Integer Overflow or Wraparound vulnerability affecting multiple Apple products
- CVE-2023-41974 — Use-After-Free vulnerability specific to iOS and iPadOS
All three are known to have been exploited in the wild. The KEV catalog is CISA’s authoritative source of vulnerabilities known to be exploited in the wild, requiring all federal civilian executive branch agencies to remediate listed vulnerabilities by their respective due dates.
With these additions, the total count of Apple-related entries in the KEV catalog now stands at 157, underscoring the persistent threat landscape facing Apple’s ecosystem.