🔥 This vulnerability is being actively exploited in the wild (CISA Known Exploited Vulnerabilities catalog)
CVE-2023-41974: Apple iOS and iPadOS Use-After-Free Vulnerability
Summary
Apple iOS and iPadOS contain a use-after-free vulnerability (a memory bug where software tries to access data after it's been deleted), which could allow an app to run arbitrary code with kernel privileges (the highest level of system access). This vulnerability is actively being exploited by attackers.
Solution / Mitigation
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. For details, see https://support.apple.com/en-us/HT213938 or https://support.apple.com/kb/HT213938.
Vulnerability Details
EPSS: 0.5%
🔥 Actively Exploited
Classification
Original source: https://nvd.nist.gov/vuln/detail/CVE-2023-41974
First tracked: March 5, 2026 at 03:00 PM
Classified by LLM (prompt v3) · confidence: 95%