CVE-2025-24088: An app may be able to override MDM-enforced settings from profiles.
Affects CoreServices |
| |
|
|
|
x |
|
|
|
|
|
CVE-2025-24133: Keyboard suggestions may display sensitive information on the lock screen.
Affects Text Input |
| x |
|
|
|
|
|
|
|
|
|
CVE-2025-24197: An app may be able to access sensitive user data.
Affects Spotlight |
| |
|
|
|
x |
x |
x |
|
|
|
CVE-2025-30468: Private Browsing tabs may be accessed without authentication.
Affects Siri |
| x |
|
|
|
|
|
|
|
|
|
CVE-2025-31254: Processing maliciously crafted web content may lead to unexpected URL redirection.
Affects Safari |
| x |
|
|
|
|
|
|
|
|
|
CVE-2025-31255: An app may be able to access sensitive user data.
Affects IOKit |
| x |
|
|
|
x |
x |
x |
x |
x |
|
CVE-2025-31259: An app may be able to capture a screenshot of an app entering or exiting full screen mode.
Affects Screenshots |
| |
|
|
|
x |
x |
x |
|
|
|
CVE-2025-31268: An app may be able to access protected user data.
Affects Apple Online Store Kit |
| |
|
|
|
x |
x |
x |
|
|
|
CVE-2025-31269: An app may be able to access protected user data.
Affects Printing |
| |
|
|
|
x |
|
x |
|
|
|
CVE-2025-31270: An app may be able to access protected user data.
Affects Foundation |
| |
|
|
|
x |
|
|
|
|
|
CVE-2025-31271: Incoming FaceTime calls can appear or be accepted on a locked macOS device, even with notifications disabled on the lock screen.
Affects FaceTime |
| |
|
|
|
x |
|
|
|
|
|
CVE-2025-43190: An app may be able to access sensitive user data.
Affects Spell Check |
| x |
|
|
|
x |
x |
x |
|
x |
x |
CVE-2025-43203: An attacker with physical access to an unlocked device may be able to view an image in the most recently viewed locked note.
Affects Notes |
| x |
x |
|
|
|
|
|
|
|
|
CVE-2025-43204: An app may be able to break out of its sandbox.
Affects RemoteViewServices |
| |
|
|
|
x |
|
|
|
|
|
CVE-2025-43207: An app may be able to access user-sensitive data.
Affects Music |
| |
|
|
|
x |
|
|
|
|
|
CVE-2025-43208: An app may be able to read sensitive location information.
Affects Airport |
| |
|
|
|
x |
|
|
|
|
|
CVE-2025-43231: An app may be able to access user-sensitive data.
Affects LaunchServices |
| |
|
|
|
|
|
x |
|
|
|
CVE-2025-43262: USB Restricted Mode may not be applied to accessories connected during boot.
Affects Trusted Device |
| |
|
|
|
x |
|
|
|
|
|
CVE-2025-43272: Processing maliciously crafted web content may lead to an unexpected Safari crash.
Affects WebKit |
| x |
|
|
|
x |
|
|
|
x |
x |
CVE-2025-43273: A sandboxed process may be able to circumvent sandbox restrictions.
Affects CoreMedia |
| |
|
|
|
|
|
x |
|
|
|
CVE-2025-43277: Processing a maliciously crafted audio file may lead to memory corruption.
Affects CoreAudio |
| |
|
|
|
|
|
x |
|
|
|
CVE-2025-43279: An app may be able to access user-sensitive data.
Affects Notification Center |
| |
|
|
|
x |
|
|
|
|
|
CVE-2025-43283: An app may be able to cause unexpected system termination.
Affects GPU Drivers |
| |
|
|
|
x |
|
|
|
|
|
CVE-2025-43285: An app may be able to access protected user data.
Affects AppSandbox |
| |
|
|
|
x |
x |
x |
|
|
|
CVE-2025-43286: An app may be able to break out of its sandbox.
Affects SharedFileList |
| |
|
|
|
x |
x |
x |
|
|
|
CVE-2025-43287: Processing a maliciously crafted image may corrupt process memory.
Affects ImageIO |
| |
|
|
|
x |
|
|
|
|
|
CVE-2025-43291: An app may be able to modify protected parts of the file system.
Affects SharedFileList |
| |
|
|
|
x |
x |
x |
|
|
|
CVE-2025-43292: An app may be able to access sensitive user data.
Affects CoreMedia |
| |
|
|
|
x |
x |
|
|
|
|
CVE-2025-43293: An app may be able to access sensitive user data.
Affects SharedFileList |
| |
|
|
|
x |
x |
x |
|
|
|
CVE-2025-43294: An app may be able to access sensitive user data.
Affects MallocStackLogging |
| |
|
|
|
x |
|
|
|
|
|
CVE-2025-43295: An app may be able to cause a denial-of-service.
Affects libc |
| |
x |
|
|
x |
x |
x |
|
|
|
CVE-2025-43297: An app may be able to cause a denial-of-service.
Affects Power Management |
| |
|
|
|
x |
|
|
|
|
|
CVE-2025-43298: An app may be able to gain root privileges.
Affects PackageKit |
| |
|
|
|
x |
x |
x |
|
|
|
CVE-2025-43300: Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals..
Affects ImageIO |
| |
|
x |
x |
|
|
|
|
|
|
CVE-2025-43301: An app may be able to access contact info related to notifications in Notification Center.
Affects Notification Center |
| |
|
|
|
x |
x |
x |
|
|
|
CVE-2025-43302: An app may be able to cause unexpected system termination.
Affects IOHIDFamily |
| x |
x |
|
|
x |
x |
x |
x |
x |
x |
CVE-2025-43303: An app may be able to access sensitive user data.
Affects Bluetooth |
| x |
|
|
|
x |
|
|
x |
x |
x |
CVE-2025-43304: An app may be able to gain root privileges.
Affects StorageKit |
| |
|
|
|
x |
x |
x |
|
|
|
CVE-2025-43305: A malicious app may be able to access private information.
Affects CoreServices |
| |
|
|
|
x |
x |
x |
|
|
|
CVE-2025-43307: An app may be able to access sensitive user data.
Affects Bluetooth |
| |
|
|
|
x |
|
|
|
|
|
CVE-2025-43308: An app may be able to access sensitive user data.
Affects Touch Bar Controls |
| |
|
|
|
x |
x |
x |
|
|
|
CVE-2025-43310: An app may be able to trick a user into copying sensitive data to the pasteboard.
Affects WindowServer |
| |
|
|
|
x |
x |
x |
|
|
|
CVE-2025-43311: An app may be able to access protected user data.
Affects Touch Bar |
| |
|
|
|
x |
x |
x |
|
|
|
CVE-2025-43312: An app may be able to cause unexpected system termination.
Affects AMD |
| |
|
|
|
x |
x |
x |
|
|
|
CVE-2025-43314: An app may be able to access sensitive user data.
Affects StorageKit |
| |
|
|
|
x |
x |
x |
|
|
|
CVE-2025-43315: An app may be able to access user-sensitive data.
Affects MigrationKit |
| |
|
|
|
x |
x |
x |
|
|
|
CVE-2025-43316: A malicious app may be able to gain root privileges.
Affects DiskArbitration |
| |
|
|
|
x |
|
|
|
|
x |
CVE-2025-43317: An app may be able to access sensitive user data.
Affects AppleMobileFileIntegrity |
| x |
|
|
|
x |
|
|
x |
x |
x |
CVE-2025-43318: An app with root privileges may be able to access private information.
Affects Sandbox |
| |
|
|
|
x |
|
|
|
|
|
CVE-2025-43319: An app may be able to access protected user data.
Affects MediaLibrary |
| |
|
|
|
x |
x |
x |
|
|
|
CVE-2025-43321: An app may be able to access protected user data.
Affects AppKit |
| |
|
|
|
x |
x |
x |
|
|
|
CVE-2025-43325: An app may be able to access sensitive user data.
Affects Icons |
| |
|
|
|
x |
|
|
|
|
|
CVE-2025-43326: An app may be able to access sensitive user data.
Affects GPU Drivers |
| |
|
|
|
x |
x |
x |
|
|
|
CVE-2025-43327: Visiting a malicious website may lead to address bar spoofing.
Affects Safari |
| |
|
|
|
x |
|
|
|
|
|
CVE-2025-43328: An app may be able to access sensitive user data.
Affects Sandbox |
| |
|
|
|
x |
|
|
|
|
|
CVE-2025-43329: An app may be able to break out of its sandbox.
Affects Sandbox |
| x |
|
|
|
x |
|
|
x |
x |
|
CVE-2025-43330: An app may be able to break out of its sandbox.
Affects ATS |
| |
|
|
|
x |
x |
|
|
|
|
CVE-2025-43331: An app may be able to access protected user data.
Affects AppleMobileFileIntegrity |
| |
|
|
|
x |
|
|
|
|
|
CVE-2025-43332: An app may be able to break out of its sandbox.
Affects Security Initialization |
| |
|
|
|
x |
x |
x |
|
|
|
CVE-2025-43333: An app may be able to gain root privileges.
Affects Spotlight |
| |
|
|
|
x |
|
|
|
|
|
CVE-2025-43337: An app may be able to access sensitive user data.
Affects AppleMobileFileIntegrity |
| |
|
|
|
x |
|
|
|
|
|
CVE-2025-43340: An app may be able to break out of its sandbox.
Affects AppleMobileFileIntegrity |
| |
|
|
|
x |
|
|
|
|
|
CVE-2025-43341: An app may be able to gain root privileges.
Affects Storage |
| |
|
|
|
x |
|
x |
|
|
|
CVE-2025-43342: Processing maliciously crafted web content may lead to an unexpected process crash.
Affects WebKit |
| x |
x |
|
|
x |
|
|
x |
x |
x |
CVE-2025-43343: Processing maliciously crafted web content may lead to an unexpected process crash.
Affects WebKit |
| x |
|
|
|
x |
|
|
x |
x |
x |
CVE-2025-43344: An app may be able to cause unexpected system termination.
Affects Apple Neural Engine |
| x |
|
|
|
x |
|
|
x |
x |
x |
CVE-2025-43346: Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
Affects Audio |
| x |
x |
|
|
x |
|
|
x |
x |
x |
CVE-2025-43347: An input validation issue was addressed.
Affects System |
| x |
|
|
|
x |
|
|
x |
x |
x |
CVE-2025-43349: Processing a maliciously crafted video file may lead to unexpected app termination.
Affects CoreAudio |
| x |
x |
|
|
x |
x |
x |
x |
x |
x |
CVE-2025-43353: Processing a maliciously crafted string may lead to heap corruption.
Affects Libinfo |
| |
|
|
|
x |
x |
x |
|
|
|
CVE-2025-43355: An app may be able to cause a denial-of-service.
Affects MobileStorageMounter |
| x |
x |
|
|
x |
x |
x |
x |
x |
x |
CVE-2025-43356: A website may be able to access sensor information without user consent.
Affects WebKit |
| x |
x |
|
|
x |
|
|
x |
x |
x |
CVE-2025-43357: An app may be able to fingerprint the user.
Affects Call History |
| x |
|
|
|
x |
|
|
|
|
|
CVE-2025-43358: A shortcut may be able to bypass sandbox restrictions.
Affects Shortcuts |
| x |
x |
|
|
x |
x |
x |
|
|
|
CVE-2025-43359: A UDP server socket bound to a local interface may become bound to all interfaces.
Affects Kernel |
| x |
x |
|
|
x |
x |
x |
x |
x |
x |
CVE-2025-43362: An app may be able to monitor keystrokes without user permission.
Affects LaunchServices |
| x |
x |
|
|
|
|
|
|
|
|
CVE-2025-43366: An app may be able to disclose coprocessor memory.
Affects IOMobileFrameBuffer |
| |
|
|
|
x |
|
|
|
|
|
CVE-2025-43367: An app may be able to access protected user data.
Affects Siri |
| |
|
|
|
x |
|
x |
|
|
|
CVE-2025-43368: Processing maliciously crafted web content may lead to an unexpected Safari crash.
Affects WebKit Process Model |
| x |
|
|
|
x |
|
|
|
|
|
CVE-2025-43369: An app may be able to access protected user data.
Affects SharedFileList |
| |
|
|
|
x |
|
|
|
|
|
CVE-2025-43372: Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
Affects CoreMedia |
| x |
|
|
|
x |
|
|
x |
x |
x |
