Vendor security team contributor

Apple

cited as evidence in 70 · CNA assigner on 93 of 94 known-exploited records. Every aggregate on this page is recomputed from the records listed below — each one already cited to its public source.

support.apple.com ↗ · home of the cited advisories

records cited in

deterministic count

finder / reporter credits

CVE.org credits

CVE records catalogued (CNA)

assigner

12%

avg modeled exploit prob.

FIRST EPSS, 94/94

ransomware-associated

0 of 94 · CISA flag

Known for

— recomputed from this contributor’s own records

SurfacesApplication / other (55), Operating system / kernel (38), Browser (1)

WeaknessMemory safety (62), Authorization / access control (5), Web / client (2), Resource / availability (1), Injection (1)

PortfolioApple (93), Google (1)

Narrative reach

— how far this contributor’s records carry an attacker, front door → lights out

1Front door

94reach this stage

→

2Keys to the kingdom

94reach this stage

→

3Lateral reach

85reach this stage

→

4Data at risk

2reach this stage

→

5Lights out

0reach this stage

Furthest any of these records carries an attacker: 4 · Data at risk. 2 of 94 narrative-framed records reach data-at-risk or lights-out. (furthest-position idiom, reused from the landing map; the stage mapping is a model output over cited evidence.)

Recent highlights

— this contributor’s newest known-exploited records

CVE-2025-31277Apple1%KEV CVE-2025-43510Apple0%KEV CVE-2025-43520Apple0%KEV CVE-2021-30952Apple8%KEV CVE-2023-41974Apple1%KEV CVE-2023-43000Apple4%KEV

Every record they’re cited in

— all 94, each linked to its cited source

This is the evidence behind every number above. Sorted ransomware-first, then by modeled exploit probability.

CVE-2021-30860Apple76%KEV CVE-2021-30657Apple69%KEV CVE-2016-4657Apple67%KEV CVE-2023-32434Apple52%KEV CVE-2014-4404Apple49%KEV CVE-2016-4655Apple33%KEV CVE-2023-41993Apple29%KEV CVE-2021-30807Apple29%KEV CVE-2023-28205Apple27%KEV CVE-2023-28206Apple25%KEV CVE-2023-32439Apple24%KEV CVE-2016-4656Apple24%KEV CVE-2023-32435Apple23%KEV CVE-2025-14174Google22%KEV CVE-2020-27930Apple22%KEV CVE-2025-31200Apple21%KEV CVE-2024-44309Apple21%KEV CVE-2025-43300Apple20%KEV CVE-2025-24085Apple20%KEV CVE-2023-37450Apple18%KEV CVE-2019-8506Apple18%KEV CVE-2023-42916Apple18%KEV CVE-2019-8605Apple18%KEV CVE-2023-32409Apple17%KEV CVE-2020-27950Apple17%KEV CVE-2022-22620Apple16%KEV CVE-2020-3837Apple16%KEV CVE-2019-7286Apple16%KEV CVE-2023-41064Apple15%KEV CVE-2021-30883Apple15%KEV CVE-2021-1789Apple15%KEV CVE-2023-28204Apple14%KEV CVE-2021-30858Apple13%KEV CVE-2022-22675Apple13%KEV CVE-2025-31201Apple12%KEV CVE-2023-32373Apple12%KEV CVE-2022-22587Apple12%KEV CVE-2021-30762Apple11%KEV CVE-2024-23222Apple11%KEV CVE-2021-30761Apple11%KEV CVE-2020-27932Apple10%KEV CVE-2015-1130Apple10%KEV CVE-2022-32893Apple10%KEV CVE-2023-23529Apple10%KEV CVE-2023-42917Apple9%KEV CVE-2024-44308Apple9%KEV CVE-2022-42856Apple9%KEV CVE-2025-43529Apple8%KEV CVE-2021-1870Apple8%KEV CVE-2021-30952Apple8%KEV CVE-2021-1871Apple7%KEV CVE-2021-1879Apple7%KEV CVE-2021-30713Apple7%KEV CVE-2022-32917Apple6%KEV CVE-2021-30900Apple5%KEV CVE-2025-24200Apple5%KEV CVE-2019-7287Apple5%KEV CVE-2023-41991Apple5%KEV CVE-2021-30661Apple4%KEV CVE-2025-24201Apple4%KEV CVE-2021-30869Apple4%KEV CVE-2023-43000Apple4%KEV CVE-2020-9907Apple4%KEV CVE-2021-31010Apple4%KEV CVE-2021-30665Apple3%KEV CVE-2021-30663Apple3%KEV CVE-2022-32894Apple3%KEV CVE-2020-9934Apple3%KEV CVE-2023-41061Apple3%KEV CVE-2022-48503Apple3%KEV CVE-2021-30983Apple3%KEV CVE-2018-4344Apple3%KEV CVE-2023-41992Apple3%KEV CVE-2021-30666Apple3%KEV CVE-2019-6223Apple3%KEV CVE-2020-9818Apple2%KEV CVE-2021-1782Apple2%KEV CVE-2020-9819Apple2%KEV CVE-2024-23225Apple1%KEV CVE-2025-31277Apple1%KEV CVE-2024-23296Apple1%KEV CVE-2023-41974Apple1%KEV CVE-2026-20700Apple1%KEV CVE-2023-41990Apple1%KEV CVE-2022-42827Apple1%KEV CVE-2022-22674Apple1%KEV CVE-2025-43200Apple1%KEV CVE-2023-38606Apple1%KEV CVE-2023-42824Apple1%KEV CVE-2020-9859Apple1%KEV CVE-2019-8526Apple1%KEV CVE-2022-48618Apple0%KEV CVE-2025-43520Apple0%KEV CVE-2025-43510Apple0%KEV

Coverage & confidence

— what this profile claims, and what it does not

Established (cited)

Cited in 94 known-exploited records — the list below; every one links to its public source.

Catalogued 93 CVE record(s) as the CNA assigner (from CVE.org).

Coverage gaps — stated, not hidden

This profile is an aggregation: it asserts only what the listed records already cite — no new external claim about the contributor is made.

The TYPE badge and the narrative-stage mapping are editorial (our call), labeled as such, not a sourced fact.