CISA Adds Three Apple Vulnerabilities to Known Exploited Vulnerabilities Catalog

atadmin
By
atadmin
1 Min Read

The Cybersecurity and Infrastructure Security Agency (CISA) has added three Apple vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, confirming they have been actively exploited in the wild.

The vulnerabilities were added to the catalog on March 5, 2026, requiring federal agencies to remediate them by specific deadlines under CISA’s Binding Operational Directive (BOD) 26-04:

  • CVE-2023-43000 — Use-After-Free vulnerability affecting multiple Apple products
  • CVE-2021-30952 — Integer Overflow or Wraparound vulnerability affecting multiple Apple products
  • CVE-2023-41974 — Use-After-Free vulnerability specific to iOS and iPadOS

All three are known to have been exploited in the wild. The KEV catalog is CISA’s authoritative source of vulnerabilities known to be exploited in the wild, requiring all federal civilian executive branch agencies to remediate listed vulnerabilities by their respective due dates.

With these additions, the total count of Apple-related entries in the KEV catalog now stands at 157, underscoring the persistent threat landscape facing Apple’s ecosystem.

Source: CISA KEV Catalog →

TAGGED:
Share This Article
Leave a Comment

Leave a Reply

Your email address will not be published. Required fields are marked *