CVE-2024-44308 is an Apple zero-day in Safari's JavaScriptCore engine, actively exploited via malicious web pages. Update all Apple devices to iOS 18.1.1, iPadOS 18.1.1, and macOS Sequoia 15.1.1 immediately. This is frequently chained with CVE-2024-44309 for a complete browser compromise.
Apple Safari JavaScriptCore Remote Code Execution. Processing maliciously crafted web content may lead to arbitrary code execution.
Supernova subscribers receive AI-triaged CVE alerts the moment they're published — before the PoC drops.
Start Supernova — $99/mo →