๐ฅ This vulnerability is being actively exploited in the wild (CISA Known Exploited Vulnerabilities catalog)
CVE-2021-30952: Apple Multiple Products Integer Overflow or Wraparound Vulnerability
Summary
Apple products including tvOS, macOS, Safari, iPadOS, and watchOS have an integer overflow or wraparound vulnerability (a bug where numbers exceed their maximum allowed value and wrap around to incorrect values) triggered by malicious web content that could allow attackers to run arbitrary code (any commands they choose) on affected devices. This vulnerability is currently being actively exploited by attackers in real-world attacks.
Solution / Mitigation
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Refer to Apple support pages: https://support.apple.com/en-us/HT212975, https://support.apple.com/en-us/HT212976, https://support.apple.com/en-us/HT212978, https://support.apple.com/en-us/HT212980, https://support.apple.com/en-us/HT212982.
Vulnerability Details
EPSS: 1.5%
๐ฅ Actively Exploited
Classification
Taxonomy References
Original source: https://nvd.nist.gov/vuln/detail/CVE-2021-30952
First tracked: March 5, 2026 at 03:00 PM
Classified by LLM (prompt v3) ยท confidence: 95%