Vulnerability Database

309,465

Total vulnerabilities in the database

CVE-2025-24225

An injection issue was addressed with improved input validation. This issue is fixed in iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5. Processing an email may lead to user interface spoofing.

Published: May 12, 2025
Updated: Nov 4, 2025
CVE: CVE-2025-24225
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
apple / ipados	-	17.7.7
apple / ipados	18.0	18.5
apple / iphone_os	-	18.5

http://seclists.org/fulldisclosure/2025/May/6
https://support.apple.com/en-us/122404
https://support.apple.com/en-us/122405

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo