Apple Macos Sequoia vulnerabilities

CVE-2025-31257 [MEDIUM] CVE-2025-31257: macOS Sequoia 15.5 Apple Security Update: About the security content of macOS Sequoia 15.5 Product: macOS Sequoia Version: 15.5 CVE: CVE-2025-31257 Component: WebKit Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash Description: This issue was addressed with improved memory handling.

CVE-2025-31256 [MEDIUM] CVE-2025-31256: macOS Sequoia 15.5 Apple Security Update: About the security content of macOS Sequoia 15.5 Product: macOS Sequoia Version: 15.5 CVE: CVE-2025-31256 Component: Notes Impact: Hot corner may unexpectedly reveal a user’s deleted notes Description: The issue was addressed with improved handling of caches.

CVE-2025-31250 [MEDIUM] CVE-2025-31250: macOS Sequoia 15.5 Apple Security Update: About the security content of macOS Sequoia 15.5 Product: macOS Sequoia Version: 15.5 CVE: CVE-2025-31250 Component: TCC Impact: An app may be able to access sensitive user data Description: An information disclosure issue was addressed with improved privacy controls.

CVE-2025-31235 [MEDIUM] CVE-2025-31235: macOS Sequoia 15.5 Apple Security Update: About the security content of macOS Sequoia 15.5 Product: macOS Sequoia Version: 15.5 CVE: CVE-2025-31235 Component: Audio Impact: An app may be able to cause unexpected system termination Description: A double free issue was addressed with improved memory management.

CVE-2025-24142 [MEDIUM] CVE-2025-24142: macOS Sequoia 15.5 Apple Security Update: About the security content of macOS Sequoia 15.5 Product: macOS Sequoia Version: 15.5 CVE: CVE-2025-24142 Component: Notification Center Impact: An app may be able to access sensitive user data Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2025-31260 [MEDIUM] CVE-2025-31260: macOS Sequoia 15.5 Apple Security Update: About the security content of macOS Sequoia 15.5 Product: macOS Sequoia Version: 15.5 CVE: CVE-2025-31260 Impact: An app may be able to access sensitive user data Description: A permissions issue was addressed with additional restrictions.

CVE-2025-31220 [MEDIUM] CVE-2025-31220: macOS Sequoia 15.5 Apple Security Update: About the security content of macOS Sequoia 15.5 Product: macOS Sequoia Version: 15.5 CVE: CVE-2025-31220 Component: Weather Impact: A malicious app may be able to read sensitive location information Description: A privacy issue was addressed by removing sensitive data.

CVE-2025-31201 [CRITICAL] CVE-2025-31201: macOS Sequoia 15.4.1 Apple Security Update: About the security content of macOS Sequoia 15.4.1 Product: macOS Sequoia Version: 15.4.1 CVE: CVE-2025-31201 Component: RPAC Impact: An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS. Description: This issue was add

CVE-2025-31200 [CRITICAL] CVE-2025-31200: macOS Sequoia 15.4.1 Apple Security Update: About the security content of macOS Sequoia 15.4.1 Product: macOS Sequoia Version: 15.4.1 CVE: CVE-2025-31200 Component: CoreAudio Impact: Processing an audio stream in a maliciously crafted media file may result in code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on iOS. Description: A memory corruption

CVE-2025-43184 [CRITICAL] CVE-2025-43184: macOS Sequoia 15.4 Apple Security Update: About the security content of macOS Sequoia 15.4 Product: macOS Sequoia Version: 15.4 CVE: CVE-2025-43184 Component: Shortcuts Impact: A shortcut may be able to bypass sensitive Shortcuts app settings Description: This issue was addressed by adding an additional prompt for user consent.

CVE-2025-30466 [CRITICAL] CVE-2025-30466: macOS Sequoia 15.4 Apple Security Update: About the security content of macOS Sequoia 15.4 Product: macOS Sequoia Version: 15.4 CVE: CVE-2025-30466 Component: Safari Impact: A website may be able to bypass Same Origin Policy Description: This issue was addressed through improved state management.

CVE-2025-30458 [CRITICAL] CVE-2025-30458: macOS Sequoia 15.4 Apple Security Update: About the security content of macOS Sequoia 15.4 Product: macOS Sequoia Version: 15.4 CVE: CVE-2025-30458 Component: SceneKit Impact: An app may be able to read files outside of its sandbox Description: A permissions issue was addressed with additional restrictions.

CVE-2025-30457 [CRITICAL] CVE-2025-30457: macOS Sequoia 15.4 Apple Security Update: About the security content of macOS Sequoia 15.4 Product: macOS Sequoia Version: 15.4 CVE: CVE-2025-30457 Component: SystemMigration Impact: A malicious app may be able to create symlinks to protected regions of the disk Description: This issue was addressed with improved validation of symlinks.

CVE-2025-30424 [CRITICAL] CVE-2025-30424: macOS Sequoia 15.4 Apple Security Update: About the security content of macOS Sequoia 15.4 Product: macOS Sequoia Version: 15.4 CVE: CVE-2025-30424 Component: Photos Storage Impact: Deleting a conversation in Messages may expose user contact information in system logging Description: A logging issue was addressed with improved data redaction.

CVE-2025-30444 [CRITICAL] CVE-2025-30444: macOS Sequoia 15.4 Apple Security Update: About the security content of macOS Sequoia 15.4 Product: macOS Sequoia Version: 15.4 CVE: CVE-2025-30444 Component: SMB Impact: Mounting a maliciously crafted SMB network share may lead to system termination Description: A race condition was addressed with improved locking.

CVE-2025-24259 [CRITICAL] CVE-2025-24259: macOS Sequoia 15.4 Apple Security Update: About the security content of macOS Sequoia 15.4 Product: macOS Sequoia Version: 15.4 CVE: CVE-2025-24259 Component: Parental Controls Impact: An app may be able to retrieve Safari bookmarks without an entitlement check Description: This issue was addressed with additional entitlement checks.

CVE-2025-24172 [CRITICAL] CVE-2025-24172: macOS Sequoia 15.4 Apple Security Update: About the security content of macOS Sequoia 15.4 Product: macOS Sequoia Version: 15.4 CVE: CVE-2025-24172 Component: Mail Impact: "Block All Remote Content" may not apply for all mail previews Description: A permissions issue was addressed with additional sandbox restrictions.

CVE-2025-30430 [CRITICAL] CVE-2025-30430: macOS Sequoia 15.4 Apple Security Update: About the security content of macOS Sequoia 15.4 Product: macOS Sequoia Version: 15.4 CVE: CVE-2025-30430 Component: Authentication Services Impact: Password autofill may fill in passwords after failing authentication Description: This issue was addressed through improved state management.

CVE-2025-24264 [CRITICAL] CVE-2025-24264: macOS Sequoia 15.4 Apple Security Update: About the security content of macOS Sequoia 15.4 Product: macOS Sequoia Version: 15.4 CVE: CVE-2025-24264 Component: WebKit Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash Description: The issue was addressed with improved memory handling.

CVE-2025-24231 [CRITICAL] CVE-2025-24231: macOS Sequoia 15.4 Apple Security Update: About the security content of macOS Sequoia 15.4 Product: macOS Sequoia Version: 15.4 CVE: CVE-2025-24231 Component: Software Update Impact: An app may be able to modify protected parts of the file system Description: The issue was addressed with improved checks.