Apple Macos Tahoe vulnerabilities

CVE-2025-43364 [HIGH] CVE-2025-43364: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43364 Component: NetFSFramework Impact: An app may be able to break out of its sandbox Description: A race condition was addressed with additional validation.

CVE-2025-43474 [HIGH] CVE-2025-43474: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43474 Component: GPU Drivers Impact: An app may be able to cause unexpected system termination or read kernel memory Description: An out-of-bounds read was addressed with improved input validation.

CVE-2025-43407 [HIGH] CVE-2025-43407: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43407 Component: Assets Impact: An app may be able to break out of its sandbox Description: This issue was addressed with improved entitlements.

CVE-2025-43480 [HIGH] CVE-2025-43480: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43480 Component: WebKit Impact: A malicious website may exfiltrate data cross-origin Description: The issue was addressed with improved checks.

CVE-2025-43462 [HIGH] CVE-2025-43462: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43462 Impact: An app may be able to cause unexpected system termination or corrupt kernel memory Description: The issue was addressed with improved memory handling.

CVE-2025-43405 [HIGH] CVE-2025-43405: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43405 Component: Photos Impact: An app may be able to access user-sensitive data Description: A permissions issue was addressed with additional sandbox restrictions.

CVE-2025-43472 [HIGH] CVE-2025-43472: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43472 Component: WindowServer Impact: An app may be able to cause unexpected system termination or corrupt process memory Description: The issue was addressed with improved memory handling.

CVE-2025-43401 [HIGH] CVE-2025-43401: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43401 Component: CoreAnimation Impact: A remote attacker may be able to cause a denial-of-service Description: A denial-of-service issue was addressed with improved validation.

CVE-2025-43447 [MEDIUM] CVE-2025-43447: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43447 Impact: An app may be able to cause unexpected system termination or corrupt kernel memory Description: The issue was addressed with improved memory handling.

CVE-2025-43458 [MEDIUM] CVE-2025-43458: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43458 Component: WebKit Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: This issue was addressed through improved state management.

CVE-2025-43381 [MEDIUM] CVE-2025-43381: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43381 Component: CoreServicesUIAgent Impact: A malicious app may be able to delete protected user data Description: This issue was addressed with improved handling of symlinks.

CVE-2025-43348 [MEDIUM] CVE-2025-43348: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43348 Component: Finder Impact: An app may bypass Gatekeeper checks Description: A logic issue was addressed with improved validation.

CVE-2025-46316 [MEDIUM] CVE-2025-46316: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-46316 Component: QuickLook Impact: Processing a maliciously crafted Pages document may result in unexpected termination or disclosure of process memory Description: An out-of-bounds read was addressed with improved input validation.

CVE-2025-6442 [MEDIUM] CVE-2025-6442: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-6442 Component: CVE-2025-6442

CVE-2025-43421 [MEDIUM] CVE-2025-43421: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43421 Component: WebKit Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: Multiple issues were addressed by disabling array allocation sinking.

CVE-2025-43412 [MEDIUM] CVE-2025-43412: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43412 Component: TCC Impact: An app may be able to break out of its sandbox Description: A file quarantine bypass was addressed with additional checks.

CVE-2025-43388 [MEDIUM] CVE-2025-43388: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43388 Component: AppleMobileFileIntegrity Impact: An app may be able to access sensitive user data Description: An injection issue was addressed with improved validation.

CVE-2025-43435 [MEDIUM] CVE-2025-43435: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43435 Component: WebKit Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: The issue was addressed with improved memory handling.

CVE-2025-43394 [MEDIUM] CVE-2025-43394: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43394 Component: BackBoardServices Impact: An app may be able to break out of its sandbox Description: An access issue was addressed with additional sandbox restrictions.

CVE-2025-43473 [MEDIUM] CVE-2025-43473: macOS Tahoe 26.1 Apple Security Update: About the security content of macOS Tahoe 26.1 Product: macOS Tahoe Version: 26.1 CVE: CVE-2025-43473 Component: Shortcuts Impact: An app may be able to access sensitive user data Description: This issue was addressed with improved state management.