VYPR

macOS Tahoe

by Apple Inc.

CVEs (200)

  • CVE-2025-46299MedJan 9, 2026
    risk 0.28cvss 4.3epss 0.00

    A memory initialization issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may disclose internal states of the app.

  • CVE-2025-43536MedDec 17, 2025
    risk 0.28cvss 4.3epss 0.01

    A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2. Processing maliciously crafted web content may lead to an unexpected process crash.

  • CVE-2025-43438MedNov 4, 2025
    risk 0.28cvss 4.3epss 0.01

    A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected…

  • CVE-2025-43432MedNov 4, 2025
    risk 0.28cvss 4.3epss 0.01

    A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash.

  • CVE-2025-43430MedNov 4, 2025
    risk 0.28cvss 4.3epss 0.01

    This issue was addressed through improved state management. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash.

  • CVE-2025-43425MedNov 4, 2025
    risk 0.28cvss 4.3epss 0.01

    The issue was addressed with improved memory handling. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash.

  • CVE-2025-43421MedNov 4, 2025
    risk 0.28cvss 4.3epss 0.01

    Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in Safari 26.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash.

  • CVE-2025-43392MedNov 4, 2025
    risk 0.28cvss 4.3epss 0.00

    The issue was addressed with improved handling of caches. This issue is fixed in Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1, watchOS 26.1. A website may exfiltrate image data cross-origin.

  • CVE-2026-28882MedMar 25, 2026
    risk 0.26cvss 4.0epss 0.00

    This issue was addressed with improved checks. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, tvOS 26.4, visionOS 26.4, watchOS 26.4. An app may be able to enumerate a user's installed apps.

  • CVE-2026-28826MedMar 25, 2026
    risk 0.26cvss 4.0epss 0.00

    A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. A malicious app may be able to break out of its sandbox.

  • CVE-2026-20684LowMar 25, 2026
    risk 0.21cvss 3.3epss 0.00

    A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.4. An app may bypass Gatekeeper checks.

  • CVE-2025-46279LowDec 17, 2025
    risk 0.21cvss 3.3epss 0.00

    A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. An app may be able to identify what other apps a user has installed.

  • CVE-2025-46277LowDec 17, 2025
    risk 0.21cvss 3.3epss 0.00

    A logging issue was addressed with improved data redaction. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, watchOS 26.2. An app may be able to access a user’s Safari history.

  • CVE-2025-43517LowDec 12, 2025
    risk 0.21cvss 3.3epss 0.00

    A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. An app may be able to access protected user data.

  • CVE-2025-43516LowDec 12, 2025
    risk 0.21cvss 3.3epss 0.00

    A session management issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2. A user with Voice Control enabled may be able to transcribe another user's activity.

  • CVE-2025-43395LowNov 4, 2025
    risk 0.21cvss 3.3epss 0.00

    This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An app may be able to access protected user data.

  • CVE-2025-43357LowSep 15, 2025
    risk 0.21cvss 3.3epss 0.00

    This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to fingerprint the user.

  • CVE-2025-43344LowSep 15, 2025
    risk 0.21cvss 3.3epss 0.00

    An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. An app may be able to cause unexpected system termination.

  • CVE-2025-43294LowSep 15, 2025
    risk 0.21cvss 3.3epss 0.00

    An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26, tvOS 26.1, watchOS 26.1. An app may be able to access sensitive user data.

  • CVE-2025-43531LowDec 17, 2025
    risk 0.20cvss 3.1epss 0.00

    A race condition was addressed with improved state handling. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may lead to an unexpected…

Page 7 of 10