CVE-2024-44309 is an Apple WebKit XSS zero-day actively exploited in the wild, often chained with CVE-2024-44308. Patch all Apple platforms to November 2024 releases. Intelligence agencies have attributed exploitation to nation-state actors targeting high-value individuals.
Apple WebKit Cross-Site Scripting Vulnerability. Processing maliciously crafted web content may lead to a cross-site scripting attack.
Exploit-DB.ai delivers real-time AI-triaged zero-day alerts directly to your inbox.
Activate Supernova →