Apple Macos Tahoe vulnerabilities

CVE-2025-43320 [HIGH] CVE-2025-43320: macOS Tahoe 26 Apple Security Update: About the security content of macOS Tahoe 26 Product: macOS Tahoe Version: 26 CVE: CVE-2025-43320 Component: AppleMobileFileIntegrity Impact: An app may be able to bypass launch constraint protections and execute malicious code with elevated privileges Description: The issue was addressed by adding additional logic.

CVE-2025-43372 [HIGH] CVE-2025-43372: macOS Tahoe 26 Apple Security Update: About the security content of macOS Tahoe 26 Product: macOS Tahoe Version: 26 CVE: CVE-2025-43372 Component: CoreMedia Impact: Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory Description: The issue was addressed with improved input validation.

CVE-2025-43286 [HIGH] CVE-2025-43286: macOS Tahoe 26 Apple Security Update: About the security content of macOS Tahoe 26 Product: macOS Tahoe Version: 26 CVE: CVE-2025-43286 Component: SharedFileList Impact: An app may be able to break out of its sandbox Description: A permissions issue was addressed with additional restrictions.

CVE-2025-31271 [HIGH] CVE-2025-31271: macOS Tahoe 26 Apple Security Update: About the security content of macOS Tahoe 26 Product: macOS Tahoe Version: 26 CVE: CVE-2025-31271 Component: FaceTime Impact: Incoming FaceTime calls can appear or be accepted on a locked macOS device, even with notifications disabled on the lock screen Description: This issue was addressed through improved state management.

CVE-2025-43333 [HIGH] CVE-2025-43333: macOS Tahoe 26 Apple Security Update: About the security content of macOS Tahoe 26 Product: macOS Tahoe Version: 26 CVE: CVE-2025-43333 Component: Spotlight Impact: An app may be able to gain root privileges Description: A permissions issue was addressed with additional restrictions.

CVE-2025-43330 [HIGH] CVE-2025-43330: macOS Tahoe 26 Apple Security Update: About the security content of macOS Tahoe 26 Product: macOS Tahoe Version: 26 CVE: CVE-2025-43330 Component: ATS Impact: An app may be able to break out of its sandbox Description: This issue was addressed by removing the vulnerable code.

CVE-2025-6965 [HIGH] CVE-2025-6965: macOS Tahoe 26 Apple Security Update: About the security content of macOS Tahoe 26 Product: macOS Tahoe Version: 26 CVE: CVE-2025-6965 Component: CVE-2025-6965

CVE-2025-43323 [HIGH] CVE-2025-43323: macOS Tahoe 26 Apple Security Update: About the security content of macOS Tahoe 26 Product: macOS Tahoe Version: 26 CVE: CVE-2025-43323 Component: CloudKit Impact: An app may be able to fingerprint the user Description: This issue was addressed with additional entitlement checks.

CVE-2025-43340 [HIGH] CVE-2025-43340: macOS Tahoe 26 Apple Security Update: About the security content of macOS Tahoe 26 Product: macOS Tahoe Version: 26 CVE: CVE-2025-43340 Component: AppleMobileFileIntegrity Impact: An app may be able to break out of its sandbox Description: A permissions issue was addressed with additional restrictions.

CVE-2025-43304 [HIGH] CVE-2025-43304: macOS Tahoe 26 Apple Security Update: About the security content of macOS Tahoe 26 Product: macOS Tahoe Version: 26 CVE: CVE-2025-43304 Component: StorageKit Impact: An app may be able to gain root privileges Description: A race condition was addressed with improved state handling.

CVE-2025-43316 [HIGH] CVE-2025-43316: macOS Tahoe 26 Apple Security Update: About the security content of macOS Tahoe 26 Product: macOS Tahoe Version: 26 CVE: CVE-2025-43316 Component: DiskArbitration Impact: A malicious app may be able to gain root privileges Description: A permissions issue was addressed with additional restrictions.

CVE-2025-43419 [HIGH] CVE-2025-43419: macOS Tahoe 26 Apple Security Update: About the security content of macOS Tahoe 26 Product: macOS Tahoe Version: 26 CVE: CVE-2025-43419 Component: WebKit Impact: Processing maliciously crafted web content may lead to memory corruption Description: The issue was addressed with improved memory handling.

CVE-2025-43204 [HIGH] CVE-2025-43204: macOS Tahoe 26 Apple Security Update: About the security content of macOS Tahoe 26 Product: macOS Tahoe Version: 26 CVE: CVE-2025-43204 Component: RemoteViewServices Impact: An app may be able to break out of its sandbox Description: This issue was addressed by removing the vulnerable code.

CVE-2025-43358 [HIGH] CVE-2025-43358: macOS Tahoe 26 Apple Security Update: About the security content of macOS Tahoe 26 Product: macOS Tahoe Version: 26 CVE: CVE-2025-43358 Component: Shortcuts Impact: A shortcut may be able to bypass sandbox restrictions Description: A permissions issue was addressed with additional sandbox restrictions.

CVE-2025-43376 [HIGH] CVE-2025-43376: macOS Tahoe 26 Apple Security Update: About the security content of macOS Tahoe 26 Product: macOS Tahoe Version: 26 CVE: CVE-2025-43376 Component: WebKit Impact: A remote attacker may be able to view leaked DNS queries with Private Relay turned on Description: A logic issue was addressed with improved state management.

CVE-2025-43298 [HIGH] CVE-2025-43298: macOS Tahoe 26 Apple Security Update: About the security content of macOS Tahoe 26 Product: macOS Tahoe Version: 26 CVE: CVE-2025-43298 Component: PackageKit Impact: An app may be able to gain root privileges Description: A parsing issue in the handling of directory paths was addressed with improved path validation.

CVE-2025-43338 [HIGH] CVE-2025-43338: macOS Tahoe 26 Apple Security Update: About the security content of macOS Tahoe 26 Product: macOS Tahoe Version: 26 CVE: CVE-2025-43338 Component: ImageIO Impact: Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory Description: An out-of-bounds access issue was addressed with improved bounds checking.

CVE-2025-43287 [HIGH] CVE-2025-43287: macOS Tahoe 26 Apple Security Update: About the security content of macOS Tahoe 26 Product: macOS Tahoe Version: 26 CVE: CVE-2025-43287 Component: ImageIO Impact: Processing a maliciously crafted image may corrupt process memory Description: The issue was addressed with improved memory handling.

CVE-2025-31259 [HIGH] CVE-2025-31259: macOS Tahoe 26 Apple Security Update: About the security content of macOS Tahoe 26 Product: macOS Tahoe Version: 26 CVE: CVE-2025-31259 Component: Screenshots Impact: An app may be able to capture a screenshot of an app entering or exiting full screen mode Description: A privacy issue was addressed with improved checks.

CVE-2025-43341 [HIGH] CVE-2025-43341: macOS Tahoe 26 Apple Security Update: About the security content of macOS Tahoe 26 Product: macOS Tahoe Version: 26 CVE: CVE-2025-43341 Component: Storage Impact: An app may be able to gain root privileges Description: A permissions issue was addressed with additional restrictions.