5.5
CVE-2025-43218 - OutβofβBounds Read in macOS from Malicious USD Files
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.6. Processing a maliciously crafted USD file may disclose memory contents.
6.5
CVE-2025-24188 -
A logic issue was addressed with improved checks. This issue is fixed in Safari 18.6, macOS Sequoia 15.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.
6.5
CVE-2025-43216 - webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash
A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 18.6, iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. Processing maliciously crafted web content may lead to an unexpected Safari crash.
9.8
CVE-2025-43186 - Buffer Overflow in Apple's File Parsing Leading to Application Crash
The issue was addressed with improved memory handling. This issue is fixed in iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7, tvOS 18.6, visionOS 2.6, watchOS 11.6. Parsing a file may lead to an unexpected app termination.
4
CVE-2025-43217 - Inaccurate Microphone and Camera Privacy Indicator Display
The issue was addressed by adding additional logic. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9. Privacy Indicators for microphone or camera access may not be correctly displayed.
5.3
CVE-2025-43276 - Private Relay Non-Activation During Concurrent User Logins
A logic error was addressed with improved error handling. This issue is fixed in macOS Sequoia 15.6. iCloud Private Relay may not activate when more than one user is logged in at the same time.
5.3
CVE-2025-31276 - iOS/iPadOS Remote Image Loading Despite Disabled Setting
This issue was addressed through improved state management. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9. Remote content may be loaded even when the 'Load Remote Images' setting is turned off.
5.1
CVE-2025-43260 - Privileged App Entitlement Hijacking in macOS
This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to hijack entitlements granted to other privileged apps.
5.5
CVE-2025-43247 - Rootβprivileged App May Modify System Files on macOS via Permission Misconfiguration
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. A malicious app with root privileges may be able to modify the contents of system files.
4
CVE-2025-43230 - Imprecise Access Control Allows Sensitive Data Disclosure on Apple Operating Systems
The issue was addressed with additional permissions checks. This issue is fixed in iOS 18.6 and iPadOS 18.6, iPadOS 17.7.9, macOS Sequoia 15.6, tvOS 18.6, visionOS 2.6, watchOS 11.6. An app may be able to access user-sensitive data.