VYPR

macOS Tahoe

by Apple Inc.

CVEs (200)

  • CVE-2025-43529HigKEVDec 17, 2025
    risk 0.69cvss 8.8epss 0.08

    A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may lead to…

  • CVE-2025-43526CriDec 17, 2025
    risk 0.64cvss 9.8epss 0.01

    This issue was addressed with improved URL validation. This issue is fixed in Safari 26.2, macOS Tahoe 26.2. On a Mac with Lockdown Mode enabled, web content opened via a file URL may be able to use Web APIs that should be restricted.

  • CVE-2025-43428CriDec 17, 2025
    risk 0.64cvss 9.8epss 0.01

    A configuration issue was addressed with additional restrictions. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2. Photos in the Hidden Photos Album may be viewed without authentication.

  • CVE-2025-43347CriSep 15, 2025
    risk 0.64cvss 9.8epss 0.01

    This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. An input validation issue was addressed.

  • CVE-2025-43343CriSep 15, 2025
    risk 0.64cvss 9.8epss 0.01

    The issue was addressed with improved memory handling. This issue is fixed in Safari 26, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. Processing maliciously crafted web content may lead to an unexpected process crash.

  • CVE-2025-43342CriSep 15, 2025
    risk 0.64cvss 9.8epss 0.01

    A correctness issue was addressed with improved checks. This issue is fixed in Safari 26, iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. Processing maliciously crafted web content may lead to an unexpected process crash.

  • CVE-2025-31255CriSep 15, 2025
    risk 0.64cvss 9.8epss 0.01

    An authorization issue was addressed with improved state management. This issue is fixed in iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, tvOS 26, watchOS 26. An app may be able to access sensitive user data.

  • CVE-2026-20616HigFeb 11, 2026
    risk 0.57cvss 8.8epss 0.01

    An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sonoma 14.8.4, macOS Tahoe 26.3, visionOS 26.3. Processing a maliciously crafted USD file may lead to unexpected app termination.

  • CVE-2025-43419HigNov 4, 2025
    risk 0.57cvss 8.8epss 0.00

    The issue was addressed with improved memory handling. This issue is fixed in Safari 26, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. Processing maliciously crafted web content may lead to memory corruption.

  • CVE-2025-43358HigSep 15, 2025
    risk 0.57cvss 8.8epss 0.00

    A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. A shortcut may be able to bypass sandbox restrictions.

  • CVE-2025-43329HigSep 15, 2025
    risk 0.57cvss 8.8epss 0.00

    A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, watchOS 26. An app may be able to break out of its sandbox.

  • CVE-2025-43480HigNov 4, 2025
    risk 0.53cvss 8.1epss 0.00

    The issue was addressed with improved checks. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. A malicious website may exfiltrate data cross-origin.

  • CVE-2025-43323HigNov 4, 2025
    risk 0.53cvss 8.1epss 0.00

    This issue was addressed with additional entitlement checks. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. An app may be able to fingerprint the user.

  • CVE-2025-43330HigSep 15, 2025
    risk 0.53cvss 8.2epss 0.00

    This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7, macOS Tahoe 26. An app may be able to break out of its sandbox.

  • CVE-2025-43306HigMay 26, 2026
    risk 0.51cvss 7.8epss 0.00

    A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. A malicious app may be able to gain root privileges.

  • CVE-2025-43527HigDec 12, 2025
    risk 0.51cvss 7.8epss 0.00

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.3, macOS Tahoe 26.2. An app may be able to gain root privileges.

  • CVE-2025-43512HigDec 12, 2025
    risk 0.51cvss 7.8epss 0.00

    A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to elevate privileges.

  • CVE-2025-43402HigDec 12, 2025
    risk 0.51cvss 7.8epss 0.00

    The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.1. An app may be able to cause unexpected system termination or corrupt process memory.

  • CVE-2025-43320HigDec 12, 2025
    risk 0.51cvss 7.8epss 0.00

    The issue was addressed by adding additional logic. This issue is fixed in macOS Sequoia 15.7.3, macOS Tahoe 26. An app may be able to bypass launch constraint protections and execute malicious code with elevated privileges.

  • CVE-2025-43476HigNov 4, 2025
    risk 0.51cvss 7.8epss 0.00

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to break out of its sandbox.

Page 1 of 10