Apple Updates Everything: May 2025 Edition, (Mon, May 12th)

CVE-2025-24097: An app may be able to read arbitrary file metadata.
Affects AirDrop   x             CVE-2025-24111: An app may be able to cause unexpected system termination.
Affects Display   x             CVE-2025-24142: An app may be able to access sensitive user data.
Affects Notification Center     x x x       CVE-2025-24144: An app may be able to leak sensitive kernel state.
Affects Kernel   x   x x       CVE-2025-24155: An app may be able to disclose kernel memory.
Affects WebContentFilter       x x       CVE-2025-24213: A type confusion issue could lead to memory corruption.
Affects WebKit x x x     x x x CVE-2025-24220: An app may be able to read a persistent device identifier.
Affects Sandbox Profiles   x             CVE-2025-24222: Processing maliciously crafted web content may lead to an unexpected process crash.
Affects BOM     x           CVE-2025-24223: Processing maliciously crafted web content may lead to memory corruption.
Affects WebKit     x           CVE-2025-24225: Processing an email may lead to user interface spoofing.
Affects Mail Addressing x x             CVE-2025-24258: An app may be able to gain root privileges.
Affects DiskArbitration       x x       CVE-2025-24259: An app may be able to retrieve Safari bookmarks without an entitlement check.
Affects Parental Controls   x             CVE-2025-24274: A malicious app may be able to gain root privileges.
Affects Mobile Device Service     x x x       CVE-2025-30440: An app may be able to bypass ASLR.
Affects Libinfo     x x x       CVE-2025-30442: An app may be able to gain elevated privileges.
Affects SoftwareUpdate       x x       CVE-2025-30443: An app may be able to access user-sensitive data.
Affects Found in Apps     x           CVE-2025-30448: An attacker may be able to turn on sharing of an iCloud folder without authentication.
Affects iCloud Document Sharing x x   x x     x CVE-2025-30453: A malicious app may be able to gain root privileges.
Affects DiskArbitration       x x       CVE-2025-31196: Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents.
Affects CoreGraphics   x   x x       CVE-2025-31200: Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS released before iOS 18.4.1..
Affects CoreAudio           x     CVE-2025-31204: Processing maliciously crafted web content may lead to memory corruption.
Affects WebKit x         x x x CVE-2025-31205: A malicious website may exfiltrate data cross-origin.
Affects WebKit x   x     x x x CVE-2025-31206: Processing maliciously crafted web content may lead to an unexpected Safari crash.
Affects WebKit x x x     x x x CVE-2025-31207: An app may be able to enumerate a user's installed apps.
Affects FrontBoard x               CVE-2025-31208: Parsing a file may lead to an unexpected app termination.
Affects CoreAudio x x x x x x x x CVE-2025-31209: Parsing a file may lead to disclosure of user information.
Affects CoreGraphics x x x x x x x x CVE-2025-31210: Processing web content may lead to a denial-of-service.
Affects FaceTime x x             CVE-2025-31212: An app may be able to access sensitive user data.
Affects Core Bluetooth x   x     x x x CVE-2025-31213: An app may be able to access associated usernames and websites in a user's iCloud Keychain.
Affects Security   x x x x       CVE-2025-31214: An attacker in a privileged network position may be able to intercept network traffic.
Affects Baseband x               CVE-2025-31215: Processing maliciously crafted web content may lead to an unexpected process crash.
Affects WebKit x x x     x x x CVE-2025-31217: Processing maliciously crafted web content may lead to an unexpected Safari crash.
Affects WebKit x x x     x x x CVE-2025-31218: An app may be able to observe the hostnames of new network connections.
Affects NetworkExtension     x           CVE-2025-31219: An attacker may be able to cause unexpected system termination or corrupt kernel memory.
Affects Kernel x x x x x x x x CVE-2025-31220: A malicious app may be able to read sensitive location information.
Affects Weather   x x x x       CVE-2025-31221: A remote attacker may be able to leak memory.
Affects Security x x x x x x x x CVE-2025-31222: A user may be able to elevate privileges.
Affects mDNSResponder x   x x x x x x CVE-2025-31224: An app may be able to bypass certain Privacy preferences.
Affects Sandbox     x x x       CVE-2025-31225: Call history from deleted apps may still appear in spotlight search results.
Affects Call History x               CVE-2025-31226: Processing a maliciously crafted image may lead to a denial-of-service.
Affects ImageIO x x x     x x x CVE-2025-31227: An attacker with physical access to a device may be able to access a deleted call recording.
Affects Notes x               CVE-2025-31228: An attacker with physical access to a device may be able to access notes from the lock screen.
Affects Notes x x             CVE-2025-31232: A sandboxed app may be able to access sensitive user data.
Affects Installer     x x x       CVE-2025-31233: Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory.
Affects CoreMedia x x x x x x x x CVE-2025-31234: An attacker may be able to cause unexpected system termination or corrupt kernel memory.
Affects Pro Res x   x       x x CVE-2025-31235: An app may be able to cause unexpected system termination.
Affects Audio   x x x x       CVE-2025-31236: An app may be able to access sensitive user data.
Affects Finder     x           CVE-2025-31237: Mounting a maliciously crafted AFP network share may lead to system termination.
Affects afpfs     x x x       CVE-2025-31238: Processing maliciously crafted web content may lead to memory corruption.
Affects WebKit x   x     x x x CVE-2025-31239: Parsing a file may lead to an unexpected app termination.
Affects CoreMedia x x x x x x x x CVE-2025-31241: A remote attacker may cause an unexpected app termination.
Affects Kernel x x x x x x x x CVE-2025-31242: An app may be able to access sensitive user data.
Affects StoreKit   x x x x       CVE-2025-31244: An app may be able to break out of its sandbox.
Affects quarantine     x           CVE-2025-31245: An app may be able to cause unexpected system termination.
Affects Pro Res x x x x x   x x CVE-2025-31246: Connecting to a malicious AFP server may corrupt kernel memory.
Affects afpfs     x x         CVE-2025-31247: An attacker may gain access to protected parts of the file system.
Affects SharedFileList     x x x       CVE-2025-31249: An app may be able to access sensitive user data.
Affects Sandbox     x           CVE-2025-31250: An app may be able to access sensitive user data.
Affects TCC     x           CVE-2025-31251: Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
Affects AppleJPEG x x x x x x x x CVE-2025-31253: Muting the microphone during a FaceTime call may not result in audio being silenced.
Affects FaceTime x               CVE-2025-31256: Hot corner may unexpectedly reveal a user?s deleted notes.
Affects Notes     x           CVE-2025-31257: Processing maliciously crafted web content may lead to an unexpected Safari crash.
Affects WebKit x   x     x x x CVE-2025-31258: An app may be able to break out of its sandbox.
Affects RemoteViewServices     x           CVE-2025-31259: An app may be able to gain elevated privileges.
Affects SoftwareUpdate     x           CVE-2025-31260: An app may be able to access sensitive user data.
Affects Apple Intelligence Reports     x