Apple Macos Tahoe vulnerabilities

CVE-2025-43463 [MEDIUM] CVE-2025-43463: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43463 Component: StorageKit Impact: An app may be able to access sensitive user data Description: A parsing issue in the handling of directory paths was addressed with improved path validation.

CVE-2025-43446 [MEDIUM] CVE-2025-43446: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43446 Component: Assets Impact: An app may be able to modify protected parts of the file system Description: This issue was addressed with improved validation of symlinks.

CVE-2025-43448 [MEDIUM] CVE-2025-43448: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43448 Component: CloudKit Impact: An app may be able to break out of its sandbox Description: This issue was addressed with improved validation of symlinks.

CVE-2025-43390 [MEDIUM] CVE-2025-43390: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43390 Component: AppleMobileFileIntegrity Impact: An app may be able to access user-sensitive data Description: A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions.

CVE-2025-43468 [MEDIUM] CVE-2025-43468: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43468 Component: AppleMobileFileIntegrity Impact: An app may be able to access sensitive user data Description: A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions.

CVE-2025-43445 [MEDIUM] CVE-2025-43445: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43445 Component: CoreText Impact: Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory Description: An out-of-bounds read was addressed with improved input validation.

CVE-2025-43378 [MEDIUM] CVE-2025-43378: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43378 Component: AppleMobileFileIntegrity Impact: An app may be able to access sensitive user data Description: A permissions issue was addressed with additional restrictions.

CVE-2025-43493 [MEDIUM] CVE-2025-43493: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43493 Component: Safari Impact: Visiting a malicious website may lead to address bar spoofing Description: The issue was addressed with improved checks.

CVE-2025-43440 [MEDIUM] CVE-2025-43440: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43440 Component: WebKit Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: This issue was addressed with improved checks

CVE-2025-43464 [MEDIUM] CVE-2025-43464: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43464 Component: Dock Impact: An app may be able to access sensitive user data Description: A race condition was addressed with improved state handling.

CVE-2025-43507 [MEDIUM] CVE-2025-43507: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43507 Component: Find My Impact: An app may be able to fingerprint the user Description: A privacy issue was addressed by moving sensitive data.

CVE-2025-43432 [MEDIUM] CVE-2025-43432: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43432 Component: WebKit Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: A use-after-free issue was addressed with improved memory management.

CVE-2025-43498 [MEDIUM] CVE-2025-43498: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43498 Component: FileProvider Impact: An app may be able to access sensitive user data Description: An authorization issue was addressed with improved state management.

CVE-2024-49761 [MEDIUM] CVE-2024-49761: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2024-49761 Component: CVE-2024-49761

CVE-2025-43382 [MEDIUM] CVE-2025-43382: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43382 Component: AppleMobileFileIntegrity Impact: An app may be able to access sensitive user data Description: A parsing issue in the handling of directory paths was addressed with improved path validation.

CVE-2025-43466 [MEDIUM] CVE-2025-43466: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43466 Component: AppleMobileFileIntegrity Impact: An app may be able to access sensitive user data Description: An injection issue was addressed with improved validation.

CVE-2025-43471 [MEDIUM] CVE-2025-43471: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43471 Component: Admin Framework Impact: An app may be able to access sensitive user data Description: The issue was addressed with improved checks.

CVE-2025-43520 [MEDIUM] CVE-2025-43520: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43520 Component: Kernel Impact: A malicious application may be able to cause unexpected system termination or write kernel memory Description: A memory corruption issue was addressed with improved memory handling.

CVE-2025-43406 [MEDIUM] CVE-2025-43406: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43406 Component: Sandbox Impact: An app may be able to access sensitive user data Description: A logic issue was addressed with improved restrictions.

CVE-2025-43414 [MEDIUM] CVE-2025-43414: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43414 Component: Shortcuts Impact: A shortcut may be able to access files that are normally inaccessible to the Shortcuts app Description: A permissions issue was addressed with improved validation.