5.5
CVE-2025-24164 - Logic Flaw Allowing Modification of Protected Files in macOS
A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to modify protected parts of the file system.
9.8
CVE-2025-30465 - Shortcuts App Permission Escalation Allowing Unauthorized File Access
A permissions issue was addressed with improved validation. This issue is fixed in iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sequoia 15.7.2, macOS Sonoma 14.7.5, macOS Sonoma 14.8.2, macOS Tahoe 26.1, macOS Ventura 13.7.5. A shortcut may be able to access files that are normally inaccessible to the โฆ
9.8
CVE-2025-30424 - Unredacted User Contact Information Logged After Deleting Messages Conversations
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. Deleting a conversation in Messages may expose user contact information in system logging.
9.8
CVE-2025-24172 -
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. "Block All Remote Content" may not apply for all mail previews.
7.8
CVE-2025-31188 - Race Condition Allowing Application to Bypass macOS Privacy Preferences
A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to bypass Privacy preferences.
7.8
CVE-2025-24277 - Directory Path Parsing Flaw Allowing Root Privileges
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to gain root privileges.
6.6
CVE-2025-3062 - Drupal Admin LTE theme - Critical - Unsupported - SA-CONTRIB-2025-010
Vulnerability in Drupal Drupal Admin LTE theme.This issue affects Drupal Admin LTE theme: *.*.
5.5
CVE-2025-24261 - Third-Party App Can Modify Protected File System Components
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to modify protected parts of the file system.
5.5
CVE-2025-24148 - Improper Executable Type Handling Allows Malicious JAR to Bypass Gatekeeper
This issue was addressed with improved handling of executable types. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious JAR file may bypass Gatekeeper checks.
5.5
CVE-2025-24236 -
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to access sensitive user data.