PoC-in-GitHub/2025/CVE-2025-31200.json

[
    {
        "id": 969894410,
        "name": "apple-positional-audio-codec-invalid-header",
        "full_name": "zhuowei\/apple-positional-audio-codec-invalid-header",
        "owner": {
            "login": "zhuowei",
            "id": 704768,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/704768?v=4",
            "html_url": "https:\/\/github.com\/zhuowei",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/zhuowei\/apple-positional-audio-codec-invalid-header",
        "description": "CVE-2025-31200 - @Noahhw46 figured it out",
        "fork": false,
        "created_at": "2025-04-21T05:38:06Z",
        "updated_at": "2025-08-23T17:11:04Z",
        "pushed_at": "2025-06-02T13:17:24Z",
        "stargazers_count": 102,
        "watchers_count": 102,
        "has_discussions": false,
        "forks_count": 16,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [],
        "visibility": "public",
        "forks": 16,
        "watchers": 102,
        "score": 0,
        "subscribers_count": 13
    },
    {
        "id": 985507498,
        "name": "CVE-2025-31200-iOS-AudioConverter-RCE",
        "full_name": "JGoyd\/CVE-2025-31200-iOS-AudioConverter-RCE",
        "owner": {
            "login": "JGoyd",
            "id": 212175154,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/212175154?v=4",
            "html_url": "https:\/\/github.com\/JGoyd",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/JGoyd\/CVE-2025-31200-iOS-AudioConverter-RCE",
        "description": "CVE-2025-31200 is a zero-day, zero-click RCE in iOS CoreAudio’s AudioConverterService, triggered by a malicious audio file via iMessage\/SMS. Exploitation bypassed Blastdoor, enabled kernel escalation (CVE-2025-31201), and allowed token theft until patched in iOS 18.4.1 (Apr 16, 2025).",
        "fork": false,
        "created_at": "2025-05-17T23:03:56Z",
        "updated_at": "2025-08-24T20:17:59Z",
        "pushed_at": "2025-08-24T19:52:33Z",
        "stargazers_count": 19,
        "watchers_count": 19,
        "has_discussions": false,
        "forks_count": 8,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [
            "apple",
            "blastdoor",
            "cve-2025-31200",
            "cve-2025-31201",
            "imessage",
            "ios",
            "zero-click",
            "zero-day"
        ],
        "visibility": "public",
        "forks": 8,
        "watchers": 19,
        "score": 0,
        "subscribers_count": 1
    }
]