VYPR

macOS Tahoe

by Apple Inc.

CVEs (156)

  • CVE-2025-43455MedNov 4, 2025
    risk 0.36cvss 5.5epss 0.00

    A privacy issue was addressed with improved checks. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, watchOS 26.1. A malicious app may be able to take a screenshot of sensitive information in embedded views.

  • CVE-2025-43447MedNov 4, 2025
    risk 0.36cvss 5.5epss 0.00

    The issue was addressed with improved memory handling. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, watchOS 26.1. An app may be able to cause unexpected system termination or corrupt kernel memory.

  • CVE-2025-43446MedNov 4, 2025
    risk 0.36cvss 5.5epss 0.00

    This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to modify protected parts of the file system.

  • CVE-2025-43426MedNov 4, 2025
    risk 0.36cvss 5.5epss 0.00

    A logging issue was addressed with improved data redaction. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1. An app may be able to access sensitive user data.

  • CVE-2025-43411MedNov 4, 2025
    risk 0.36cvss 5.5epss 0.00

    This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access user-sensitive data.

  • CVE-2025-43397MedNov 4, 2025
    risk 0.36cvss 5.5epss 0.00

    A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to cause a denial-of-service.

  • CVE-2025-43394MedNov 4, 2025
    risk 0.36cvss 5.5epss 0.00

    This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access protected user data.

  • CVE-2025-43389MedNov 4, 2025
    risk 0.36cvss 5.5epss 0.00

    A privacy issue was addressed by removing the vulnerable code. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, visionOS 26.1. An app may be able to access sensitive user data.

  • CVE-2025-43382MedNov 4, 2025
    risk 0.36cvss 5.5epss 0.00

    A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access sensitive user data.

  • CVE-2025-43380MedNov 4, 2025
    risk 0.36cvss 5.5epss 0.00

    An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. Parsing a file may lead to an unexpected app termination.

  • CVE-2025-43348MedNov 4, 2025
    risk 0.36cvss 5.5epss 0.00

    A logic issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may bypass Gatekeeper checks.

  • CVE-2025-43322MedNov 4, 2025
    risk 0.36cvss 5.5epss 0.00

    A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access user-sensitive data.

  • CVE-2025-43288MedNov 4, 2025
    risk 0.36cvss 5.5epss 0.00

    This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Sequoia 15.7, macOS Tahoe 26. An app may be able to bypass Privacy preferences.

  • CVE-2026-28838MedMar 25, 2026
    risk 0.34cvss 5.3epss 0.00

    A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to break out of its sandbox.

  • CVE-2026-20676MedFeb 11, 2026
    risk 0.34cvss 5.3epss 0.00

    This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 26.3 and iPadOS 26.3, macOS Tahoe 26.3, visionOS 26.3. A website may be able to track users through Safari web extensions.

  • CVE-2026-20673MedFeb 11, 2026
    risk 0.34cvss 5.3epss 0.00

    A logic issue was addressed with improved checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. Turning off "Load remote content in messages” may not apply to all mail previews.

  • CVE-2025-43444MedNov 4, 2025
    risk 0.34cvss 5.3epss 0.00

    A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. An app may be able to fingerprint the user.

  • CVE-2025-43420MedNov 4, 2025
    risk 0.31cvss 4.7epss 0.00

    A race condition was addressed with improved state handling. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access sensitive user data.

  • CVE-2026-20605MedFeb 11, 2026
    risk 0.30cvss 4.6epss 0.00

    The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.3. An app may be able to crash a system process.

  • CVE-2025-43336MedNov 4, 2025
    risk 0.29cvss 4.4epss 0.00

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app with root privileges may be able to access private information.

Page 4 of 8