Vulnerability detail
Enriched intelligence for a single CVE
High
CVE-2021-30952
PUBLISHEDAn integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and...
1 day faster than CISA KEV
- Vendor
- Apple
- Product
- watchOS, iOS and iPadOS, macOS
- Published
- Aug 24, 2021
- EPSS
- 0.8% · 74% pctl
Automate this intelligence with the Pro API
Everything on this page — CVSS, EPSS, exploit status, PoCs, scanner integrations, mentions, tags, and immediate honeypot data — is available programmatically for VM, SOC, and CTI workflows.
Description
An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.
Weaknesses (CWE)
-
Integer Overflow or Wraparound
CVSS scores
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AV:N/AC:M/Au:N/C:P/I:P/A:P
Exploitation status
Exploited in the wild
Recorded 2026-06-01 11:38:00 UTC · CVE
References
- https://support.apple.com/en-us/HT212975
- https://support.apple.com/en-us/HT212976
- https://support.apple.com/en-us/HT212978
- https://support.apple.com/en-us/HT212980
- https://support.apple.com/en-us/HT212982
- http://www.openwall.com/lists/oss-security/2022/01/21/2
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EQVZ3CEMTINLBZ7PBC7WRXVEVCRHNSM/
- https://www.debian.org/security/2022/dsa-5061
- https://www.debian.org/security/2022/dsa-5060
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQKWD4BXRDD2YGR5AVU7H5J5PIQIEU6V/
Known exploited vulnerability sources
Catalogues that list this CVE as a known exploited vulnerability.
| Source | Added |
|---|---|
| CVE First | 2026-06-01 11:38 UTC |
| CISA | 2026-06-02 14:03 UTC |
Timeline
-
CVE ID Reserved
-
CVE Published to Public
-
Added to KEVIntel
-
KEV confirmed by CISA