A collection of POCs & writeups for iOS vulnerabilities either discovered by me, binary diffed from In-The-Wild updates or just cool non-public bugs.

| CVE | Patched In | Link | Reported by me | Exploited ITW | Description |
|---|---|---|---|---|---|
| CVE-2021-1757 | iOS 14.4 | poc - info | ✖️ | ✖️ | Kernel pc control |
| CVE-2021-1812 | iOS 14.5 | poc | ✅ | ✖️ | Kernel oob r/w? |
| - | iOS 14.5 | poc - info | ✅ | ✖️ | Kernel oob write |
| CVE-2021-30674 | iOS 14.6 | poc | ✅ | ✖️ | Kernel oob read |
| CVE-2021-30807 | iOS 14.7.1 | poc - more | ✖️ | ✅ | Kernel oob write |
| CVE-2021-30837 | iOS 15.0 | poc | ✅ | ✖️ | Kernel oob write |
| File System | iOS 15.0 | poc | ✅ | ✖️ | Kernel oob r/w? |
| CVE-2021-30983 | iOS 15.2 | poc | ✖️ | ✅ | Kernel oob write |
| CVE-2022-22587 | iOS 15.3 | poc | ✅ | ✅ | Kernel oob write |
| CVE-2022-22672 | iOS 15.4 | poc | ✅ | ✖️ | Kernel oob write |
| CVE-2022-22675 | iOS 15.4.1 | poc - more | ✖️ | ✅ | Kernel oob write |
| CVE-2025-24085 | iOS 18.3 | poc - info | ✖️ | ✅ | Userland UAF |
| CVE-2025-43300 | iOS 18.6.2 | info | ✖️ | ✅ | Userland oob write |

- CVE-2022-22675's POC was a joint effort with @littlelailo
- CVE-2021-30983 is not marked as ITW by Apple, but Google caught an ITW sample