Apple has released emergency security updates to address two zero-day vulnerabilities in the WebKit browser engine, impacting iPhone, iPad, and Mac devices. These vulnerabilities, identified as CVE-2023-42916 and CVE-2023-42917, could be exploited by attackers to gain access to sensitive information and execute arbitrary code through maliciously crafted webpages. The emergency updates, applicable to devices running iOS 17.1.2, iPadOS 17.1.2, macOS Sonoma 14.1.2, and Safari 17.1.2, include improved input validation and locking to mitigate the risks. While Apple has not disclosed ongoing exploitation, these zero-days mark the 19th and 20th vulnerabilities exploited in attacks fixed by Apple in 2023. Security researcher Clément Lecigne from Google's Threat Analysis Group discovered and reported both zero-days.