Apple macOS vulnerabilities
3,180 known vulnerabilities affecting apple/macos.
Total CVEs
3,180
CISA KEV
75
actively exploited
Public exploits
44
Exploited in wild
61
Severity breakdown
CRITICAL211HIGH1380MEDIUM1439LOW150
Vulnerabilities
Page 20 of 159
CVE-2025-43314MEDIUMCVSS 5.5≥ 14.0, < 14.8≥ 15.0, < 15.7+3 more2025-09-15
CVE-2025-43314 [MEDIUM] CWE-22 CVE-2025-43314: A parsing issue in the handling of directory paths was addressed with improved path validation. This
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access sensitive user data.
cvelistv5nvd
CVE-2025-43325MEDIUMCVSS 5.5fixed in 26.0fixed in 262025-09-15
CVE-2025-43325 [MEDIUM] CWE-284 CVE-2025-43325: An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tah
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access sensitive user data.
cvelistv5nvd
CVE-2025-43346MEDIUMCVSS 5.5fixed in 26.0fixed in 262025-09-15
CVE-2025-43346 [MEDIUM] CWE-125 CVE-2025-43346: An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iO
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
cvelistv5nvd
CVE-2025-43321MEDIUMCVSS 5.5≥ 14.0, < 14.8≥ 15.0, < 15.7+3 more2025-09-15
CVE-2025-43321 [MEDIUM] CWE-284 CVE-2025-43321: The issue was resolved by blocking unsigned services from launching on Intel Macs. This issue is fix
The issue was resolved by blocking unsigned services from launching on Intel Macs. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access protected user data.
cvelistv5nvd
CVE-2025-43326MEDIUMCVSS 5.5≥ 14.0, < 14.8≥ 15.0, < 15.7+3 more2025-09-15
CVE-2025-43326 [MEDIUM] CWE-125 CVE-2025-43326: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequ
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access sensitive user data.
cvelistv5nvd
CVE-2025-43332MEDIUMCVSS 5.2≥ 14.0, < 14.8≥ 15.0, < 15.7+3 more2025-09-15
CVE-2025-43332 [MEDIUM] CWE-284 CVE-2025-43332: A file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Sequoia
A file quarantine bypass was addressed with additional checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to break out of its sandbox.
cvelistv5nvd
CVE-2025-43305MEDIUMCVSS 5.5≥ 14.0, < 14.8≥ 15.0, < 15.7+3 more2025-09-15
CVE-2025-43305 [MEDIUM] CWE-284 CVE-2025-43305: A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7, macOS S
A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. A malicious app may be able to access private information.
cvelistv5nvd
CVE-2025-43285MEDIUMCVSS 5.5≥ 14.0, < 14.8≥ 15.0, < 15.7+3 more2025-09-15
CVE-2025-43285 [MEDIUM] CWE-284 CVE-2025-43285: A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access protected user data.
cvelistv5nvd
CVE-2025-31270MEDIUMCVSS 5.5fixed in 26.0fixed in 262025-09-15
CVE-2025-31270 [MEDIUM] CWE-284 CVE-2025-31270: A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 2
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access protected user data.
cvelistv5nvd
CVE-2025-43302MEDIUMCVSS 5.5≥ 14.0, < 14.8≥ 15.0, < 15.7+3 more2025-09-15
CVE-2025-43302 [MEDIUM] CWE-787 CVE-2025-43302: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. An app may be able to cause unexpected system termination.
cvelistv5nvd
CVE-2025-43331MEDIUMCVSS 4.0fixed in 26.0fixed in 262025-09-15
CVE-2025-43331 [MEDIUM] CWE-862 CVE-2025-43331: A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in ma
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access protected user data.
cvelistv5nvd
CVE-2025-43303MEDIUMCVSS 5.5fixed in 26.0fixed in 262025-09-15
CVE-2025-43303 [MEDIUM] CWE-532 CVE-2025-43303: A logging issue was addressed with improved data redaction. This issue is fixed in iOS 26 and iPadOS
A logging issue was addressed with improved data redaction. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. An app may be able to access sensitive user data.
cvelistv5nvd
CVE-2025-43317MEDIUMCVSS 5.5fixed in 26.0fixed in 262025-09-15
CVE-2025-43317 [MEDIUM] CWE-284 CVE-2025-43317: A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26 and iP
A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. An app may be able to access sensitive user data.
cvelistv5nvd
CVE-2025-43337MEDIUMCVSS 5.5fixed in 26.0fixed in 15.7.2+1 more2025-09-15
CVE-2025-43337 [MEDIUM] CWE-284 CVE-2025-43337: An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Seq
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26. An app may be able to access sensitive user data.
cvelistv5nvd
CVE-2025-43291MEDIUMCVSS 5.5≥ 14.0, < 14.8≥ 15.0, < 15.7+3 more2025-09-15
CVE-2025-43291 [MEDIUM] CWE-284 CVE-2025-43291: A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequ
A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to modify protected parts of the file system.
cvelistv5nvd
CVE-2025-43207MEDIUMCVSS 5.5fixed in 26.0fixed in 262025-09-15
CVE-2025-43207 [MEDIUM] CWE-284 CVE-2025-43207: This issue was addressed with improved entitlements. This issue is fixed in macOS Tahoe 26. An app m
This issue was addressed with improved entitlements. This issue is fixed in macOS Tahoe 26. An app may be able to access user-sensitive data.
cvelistv5nvd
CVE-2025-43301LOWCVSS 3.3≥ 14.0, ≤ 14.8≥ 15.0, < 15.7+3 more2025-09-15
CVE-2025-43301 [LOW] CWE-359 CVE-2025-43301: A privacy issue was addressed with improved private data redaction for log entries. This issue is fi
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access contact info related to notifications in Notification Center.
cvelistv5nvd
CVE-2025-43349LOWCVSS 2.8≥ 14.0, < 14.8≥ 15.0, < 15.7+3 more2025-09-15
CVE-2025-43349 [LOW] CWE-787 CVE-2025-43349: An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iO
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. Processing a maliciously crafted video file may lead to unexpected app termination.
cvelistv5nvd
CVE-2025-43344LOWCVSS 3.3fixed in 26.0fixed in 262025-09-15
CVE-2025-43344 [LOW] CWE-125 CVE-2025-43344: An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iO
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26, tvOS 26, visionOS 26, watchOS 26. An app may be able to cause unexpected system termination.
cvelistv5nvd
CVE-2025-43357LOWCVSS 3.3fixed in 26.0fixed in 262025-09-15
CVE-2025-43357 [LOW] CWE-359 CVE-2025-43357: This issue was addressed with improved redaction of sensitive information. This issue is fixed in iO
This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 26 and iPadOS 26, macOS Tahoe 26. An app may be able to fingerprint the user.
cvelistv5nvd