This page lists publicly disclosed CVE vulnerabilities affecting apple keynote (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-46306 | The issue was addressed with improved bounds checks. This issue is fixed in Keynote 15.1, iOS 26 and iPadOS 26, macOS Tahoe 26. Processing a maliciously crafted Keynote file may disclose memory contents. | [email protected] | 5.5 | 0.12% | 2026-01-28 | 2026-03-25 |
| CVE-2017-2391 | An issue was discovered in certain Apple products. Pages before 6.1, Numbers before 4.1, and Keynote before 7.1 on macOS and Pages before 3.1, Numbers before 3.1, and Keynote before 3.1 on iOS are affected. The issue involves the "Export" component. It allows users to bypass iWork PDF password protection by leveraging use of 40-bit RC4. | [email protected] | 5.3 | 0.96% | 2017-04-02 | 2026-05-13 |
| CVE-2015-7033 | The Apple iWork application before 2.6 for iOS, Apple Keynote before 6.6, Apple Pages before 5.6, and Apple Numbers before 3.6 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted document. | [email protected] | 6.8 | 2.92% | 2015-10-18 | 2026-05-06 |
| CVE-2015-7032 | The Apple iWork application before 2.6 for iOS, Apple Keynote before 6.6, Apple Pages before 5.6, and Apple Numbers before 3.6 allow remote attackers to obtain sensitive information via a crafted document. | [email protected] | 4.3 | 2.04% | 2015-10-18 | 2026-05-06 |
| CVE-2015-3784 | Office Viewer in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | [email protected] | 5.0 | 2.50% | 2015-08-16 | 2026-05-06 |
| CVE-2013-5148 | Apple Keynote before 6.0 does not properly handle the interaction between Keynote presentation mode and the Screen Lock implementation, which allows physically proximate attackers to obtain access by visiting an unattended workstation on which this mode was enabled during a sleep operation. | [email protected] | 7.2 | 0.33% | 2013-10-24 | 2026-04-29 |
| CVE-2005-1408 | Apple Keynote 2.0 and 2.0.1 allows remote attackers to read arbitrary files via the keynote: URI handler in a crafted Keynote presentation. | [email protected] | 5.0 | 1.54% | 2005-05-26 | 2026-04-16 |