CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0CVE-2025-43281
https://notcve.org/view.php?id=CVE-2025-43281
15 Oct 2025 — The issue was addressed with improved authentication. This issue is fixed in macOS Sequoia 15.6. A local attacker may be able to elevate their privileges. • https://support.apple.com/en-us/124149 • CWE-287: Improper Authentication •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-43328
https://notcve.org/view.php?id=CVE-2025-43328
15 Sep 2025 — A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access sensitive user data. • https://support.apple.com/en-us/125110 • CWE-284: Improper Access Control •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-43294
https://notcve.org/view.php?id=CVE-2025-43294
15 Sep 2025 — An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26. An app may be able to access sensitive user data. • https://support.apple.com/en-us/125110 • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-43369
https://notcve.org/view.php?id=CVE-2025-43369
15 Sep 2025 — This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Tahoe 26. An app may be able to access protected user data. • https://support.apple.com/en-us/125110 • CWE-284: Improper Access Control •
CVSS: 3.3EPSS: 0%CPEs: 6EXPL: 0CVE-2025-43344
https://notcve.org/view.php?id=CVE-2025-43344
15 Sep 2025 — An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in tvOS 26, watchOS 26, visionOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to cause unexpected system termination. • https://support.apple.com/en-us/125108 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-43368 – Apple Safari IPC Connection Invalidation Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2025-43368
15 Sep 2025 — A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26, macOS Tahoe 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to an unexpected Safari crash. A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in an unexpected process crash. • https://support.apple.com/en-us/125108 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-43329
https://notcve.org/view.php?id=CVE-2025-43329
15 Sep 2025 — A permissions issue was addressed with additional restrictions. This issue is fixed in watchOS 26, tvOS 26, macOS Tahoe 26, iOS 26 and iPadOS 26. An app may be able to break out of its sandbox. • https://support.apple.com/en-us/125108 • CWE-862: Missing Authorization •
CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-43283
https://notcve.org/view.php?id=CVE-2025-43283
15 Sep 2025 — An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Tahoe 26. An app may be able to cause unexpected system termination. • https://support.apple.com/en-us/125110 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-43333
https://notcve.org/view.php?id=CVE-2025-43333
15 Sep 2025 — A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to gain root privileges. • https://support.apple.com/en-us/125110 • CWE-269: Improper Privilege Management •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-43325
https://notcve.org/view.php?id=CVE-2025-43325
15 Sep 2025 — An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access sensitive user data. • https://support.apple.com/en-us/125110 • CWE-284: Improper Access Control •