Apple is rolling out iOS 15.3.1 and iPadOS 15.3.1 that is expected to fix a critical vulnerability related to WebKit.
The vulnerability is related to WebKit allowing malicious websites to execute a code on devices such as iPhone 6 and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation). As per Apple’s statement the vulnerability has been exploited, but it shares no details on the number of affected users nor on the damage caused.
IMPACT: PROCESSING MALICIOUSLY CRAFTED WEB CONTENT MAY LEAD TO ARBITRARY CODE EXECUTION. APPLE IS AWARE OF A REPORT THAT THIS ISSUE MAY HAVE BEEN ACTIVELY EXPLOITED.
Apple is also seeding watchOS 8.4.2 and macOS Monteray 12.2.1, fixing the same issue. The latter is supposed to squash the Bluetooth battery draining bug as well.
Source 1