CVE-2025-31199: An app may be able to access sensitive user data.
Affects Spotlight |
| |
|
|
x |
|
|
|
|
|
CVE-2025-43292: An app may be able to access sensitive user data.
Affects CoreMedia |
| |
|
x |
|
|
|
|
|
|
CVE-2025-43294: An app may be able to access sensitive user data.
Affects MallocStackLogging |
| x |
|
|
|
x |
x |
|
|
|
CVE-2025-43322: An app may be able to access user-sensitive data.
Affects Admin Framework |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43334: An app may be able to access user-sensitive data.
Affects sudo |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43335: An app may be able to access user-sensitive data.
Affects Security |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43336: An app with root privileges may be able to access private information.
Affects SoftwareUpdate |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43337: An app may be able to access sensitive user data.
Affects AppleMobileFileIntegrity |
| |
|
x |
|
|
|
|
|
|
CVE-2025-43338: Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
Affects ImageIO |
| |
|
|
x |
|
|
|
|
|
CVE-2025-43348: An app may bypass Gatekeeper checks.
Affects Finder |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43350: An attacker may be able to view restricted content from the lock screen.
Affects Control Center |
| x |
|
|
|
|
|
|
|
|
CVE-2025-43351: An app may be able to access protected user data.
Affects StorageKit |
| |
x |
|
|
|
|
|
|
|
CVE-2025-43361: A malicious app may be able to read kernel memory.
Affects Audio |
| |
|
x |
x |
|
|
|
|
|
CVE-2025-43364: An app may be able to break out of its sandbox.
Affects NetFSFramework |
| |
x |
|
|
|
|
|
|
|
CVE-2025-43372: Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
Affects ImageIO |
| |
|
|
x |
|
|
|
|
|
CVE-2025-43373: An app may be able to cause unexpected system termination or corrupt kernel memory.
Affects Wi-Fi |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43377: An app may be able to cause a denial-of-service.
Affects Model I/O |
| |
x |
x |
|
|
|
|
|
|
CVE-2025-43378: An app may be able to access sensitive user data.
Affects AppleMobileFileIntegrity |
| |
x |
x |
|
|
|
|
|
|
CVE-2025-43379: An app may be able to access protected user data.
Affects AppleMobileFileIntegrity |
| x |
x |
x |
x |
x |
x |
x |
|
|
CVE-2025-43380: Parsing a file may lead to an unexpected app termination.
Affects sips |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43381: A malicious app may be able to delete protected user data.
Affects CoreServicesUIAgent |
| |
x |
|
|
|
|
|
|
|
CVE-2025-43382: An app may be able to access sensitive user data.
Affects AppleMobileFileIntegrity |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43383: Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
Affects Model I/O |
| x |
x |
|
|
x |
|
x |
|
|
CVE-2025-43384: Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
Affects Model I/O |
| |
|
x |
|
|
|
|
|
|
CVE-2025-43387: A malicious app may be able to gain root privileges.
Affects DiskArbitration |
| |
x |
x |
|
|
|
|
|
|
CVE-2025-43389: An app may be able to access sensitive user data.
Affects Notes |
| x |
x |
x |
x |
|
|
x |
|
|
CVE-2025-43390: An app may be able to access user-sensitive data.
Affects AppleMobileFileIntegrity |
| |
x |
x |
|
|
|
|
|
|
CVE-2025-43391: An app may be able to access sensitive user data.
Affects Photos |
| x |
x |
x |
x |
|
|
|
|
|
CVE-2025-43392: A website may exfiltrate image data cross-origin.
Affects WebKit Canvas |
| x |
x |
|
|
x |
x |
x |
x |
|
CVE-2025-43393: An app may be able to break out of its sandbox.
Affects quarantine |
| |
x |
|
|
|
|
|
|
|
CVE-2025-43394: An app may be able to access protected user data.
Affects bootp |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43395: An app may be able to access protected user data.
Affects configd |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43396: A sandboxed app may be able to access sensitive user data.
Affects Installer |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43397: An app may be able to cause a denial-of-service.
Affects SoftwareUpdate |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43398: An app may be able to cause unexpected system termination.
Affects Kernel |
| x |
x |
x |
x |
x |
x |
x |
|
|
CVE-2025-43399: An app may be able to access protected user data.
Affects Siri |
| |
x |
x |
|
|
|
|
|
|
CVE-2025-43400: Processing a maliciously crafted font may lead to unexpected app termination or corrupt process memory.
Affects FontParser |
| |
|
|
|
x |
x |
|
|
|
CVE-2025-43401: A remote attacker may be able to cause a denial-of-service.
Affects CoreAnimation |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43402: An app may be able to cause unexpected system termination or corrupt process memory.
Affects WindowServer |
| |
x |
|
|
|
|
|
|
|
CVE-2025-43404: An app may be able to access sensitive user data.
Affects Sandbox |
| |
x |
|
|
|
|
|
|
|
CVE-2025-43405: An app may be able to access user-sensitive data.
Affects Photos |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43406: An app may be able to access sensitive user data.
Affects Sandbox |
| |
x |
|
|
|
|
|
|
|
CVE-2025-43407: An app may be able to break out of its sandbox.
Affects Assets |
| x |
x |
x |
x |
x |
|
x |
|
|
CVE-2025-43408: An attacker with physical access may be able to access contacts from the lock screen.
Affects Share Sheet |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43409: An app may be able to access sensitive user data.
Affects Spotlight |
| |
x |
x |
|
|
|
|
|
|
CVE-2025-43411: An app may be able to access user-sensitive data.
Affects PackageKit |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43412: An app may be able to break out of its sandbox.
Affects TCC |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43413: A sandboxed app may be able to observe system-wide network connections.
Affects libxpc |
| x |
x |
x |
x |
x |
x |
x |
|
|
CVE-2025-43414: A shortcut may be able to access files that are normally inaccessible to the Shortcuts app.
Affects Shortcuts |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43420: An app may be able to access sensitive user data.
Affects Dock |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43421: Processing maliciously crafted web content may lead to an unexpected process crash.
Affects WebKit |
| x |
x |
|
|
|
|
x |
x |
|
CVE-2025-43422: An attacker with physical access to a device may be able to disable Stolen Device Protection.
Affects Stolen Device Protection |
| x |
|
|
|
|
|
|
|
|
CVE-2025-43423: An attacker with physical access to an unlocked device paired with a Mac may be able to view sensitive user information in system logging.
Affects Audio |
| x |
x |
x |
|
|
|
x |
|
|
CVE-2025-43424: A malicious HID device may cause an unexpected process crash.
Affects Multi-Touch |
| x |
x |
|
|
|
|
|
|
|
CVE-2025-43425: Processing maliciously crafted web content may lead to an unexpected process crash.
Affects WebKit |
| x |
x |
|
|
x |
x |
x |
x |
|
CVE-2025-43426: An app may be able to access sensitive user data.
Affects Contacts |
| x |
x |
|
|
|
|
|
|
|
CVE-2025-43427: Processing maliciously crafted web content may lead to an unexpected process crash.
Affects WebKit |
| x |
x |
|
|
x |
|
x |
x |
|
CVE-2025-43429: Processing maliciously crafted web content may lead to an unexpected process crash.
Affects WebKit |
| x |
x |
|
|
x |
x |
x |
x |
|
CVE-2025-43430: Processing maliciously crafted web content may lead to an unexpected process crash.
Affects WebKit |
| |
|
|
|
|
x |
|
|
|
CVE-2025-43431: Processing maliciously crafted web content may lead to memory corruption.
Affects WebKit |
| x |
x |
|
|
x |
x |
x |
x |
|
CVE-2025-43432: Processing maliciously crafted web content may lead to an unexpected process crash.
Affects WebKit |
| x |
x |
|
|
x |
x |
x |
x |
|
CVE-2025-43434: Processing maliciously crafted web content may lead to an unexpected Safari crash.
Affects WebKit |
| x |
x |
|
|
|
x |
x |
x |
|
CVE-2025-43436: An app may be able to enumerate a user’s installed apps.
Affects CoreServices |
| x |
x |
|
|
x |
x |
x |
|
|
CVE-2025-43439: An app may be able to fingerprint the user.
Affects On-device Intelligence |
| x |
|
|
|
|
|
x |
|
|
CVE-2025-43440: Processing maliciously crafted web content may lead to an unexpected process crash.
Affects WebKit |
| x |
x |
|
|
x |
x |
x |
x |
|
CVE-2025-43442: An app may be able to identify what other apps a user has installed.
Affects Accessibility |
| x |
|
|
|
|
|
|
|
|
CVE-2025-43443: Processing maliciously crafted web content may lead to an unexpected process crash.
Affects WebKit |
| x |
x |
|
|
x |
x |
x |
x |
|
CVE-2025-43444: An app may be able to fingerprint the user.
Affects Installer |
| x |
x |
|
|
x |
x |
x |
|
|
CVE-2025-43445: Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory.
Affects CoreText |
| x |
x |
x |
x |
x |
x |
x |
|
|
CVE-2025-43446: An app may be able to modify protected parts of the file system.
Affects Assets |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43448: An app may be able to break out of its sandbox.
Affects CloudKit |
| x |
x |
x |
x |
x |
x |
x |
|
|
CVE-2025-43449: A malicious app may be able to track users between installs.
Affects Apple TV Remote |
| x |
|
|
|
|
|
|
|
|
CVE-2025-43450: An app may be able to learn information about the current camera view before being granted camera access.
Affects Camera |
| x |
|
|
|
|
|
|
|
|
CVE-2025-43452: Keyboard suggestions may display sensitive information on the lock screen.
Affects Text Input |
| x |
|
|
|
|
|
|
|
|
CVE-2025-43454: A device may persistently fail to lock.
Affects Siri |
| x |
|
|
|
|
|
|
|
|
CVE-2025-43455: A malicious app may be able to take a screenshot of sensitive information in embedded views.
Affects Apple Account |
| x |
x |
|
|
|
x |
x |
|
|
CVE-2025-43459: An attacker with physical access to a locked Apple Watch may be able to view Live Voicemail.
Affects Phone |
| |
|
|
|
|
x |
|
|
|
CVE-2025-43460: An attacker with physical access to a locked device may be able to view sensitive user information.
Affects Status Bar |
| x |
|
|
|
|
|
|
|
|
CVE-2025-43461: An app may be able to access protected user data.
Affects configd |
| |
x |
|
|
|
|
|
|
|
CVE-2025-43462: An app may be able to cause unexpected system termination or corrupt kernel memory.
Affects Apple Neural Engine |
| x |
x |
|
|
x |
x |
x |
|
|
CVE-2025-43463: An app may be able to access sensitive user data.
Affects StorageKit |
| |
x |
|
|
|
|
|
|
|
CVE-2025-43464: Visiting a website may lead to an app denial-of-service.
Affects dyld |
| |
x |
|
|
|
|
|
|
|
CVE-2025-43465: An app may be able to access sensitive user data.
Affects ATS |
| |
x |
|
|
|
|
|
|
|
CVE-2025-43466: An app may be able to access sensitive user data.
Affects AppleMobileFileIntegrity |
| |
x |
|
|
|
|
|
|
|
CVE-2025-43467: An app may be able to gain root privileges.
Affects Installer |
| |
x |
|
|
|
|
|
|
|
CVE-2025-43468: An app may be able to access sensitive user data.
Affects AppleMobileFileIntegrity |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43469: An app may be able to access sensitive user data.
Affects NSSpellChecker |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43471: An app may be able to access sensitive user data.
Affects Admin Framework |
| |
x |
|
|
|
|
|
|
|
CVE-2025-43472: An app may be able to gain root privileges.
Affects zsh |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43473: An app may be able to access sensitive user data.
Affects Shortcuts |
| |
x |
|
|
|
|
|
|
|
CVE-2025-43474: An app may be able to cause unexpected system termination or read kernel memory.
Affects GPU Drivers |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43476: An app may be able to break out of its sandbox.
Affects SharedFileList |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43477: An app may be able to access sensitive user data.
Affects Siri |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43478: An app may be able to cause unexpected system termination.
Affects ASP TCP |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43479: An app may be able to access sensitive user data.
Affects CoreServices |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43480: A malicious website may exfiltrate data cross-origin.
Affects WebKit |
| x |
x |
|
|
x |
x |
x |
x |
|
CVE-2025-43481: An app may be able to break out of its sandbox.
Affects Disk Images |
| |
x |
x |
|
|
|
|
|
|
CVE-2025-43493: Visiting a malicious website may lead to address bar spoofing.
Affects Safari |
| x |
x |
|
|
|
|
x |
x |
|
CVE-2025-43495: An app may be able to monitor keystrokes without user permission.
Affects WebKit |
| x |
|
|
|
|
|
|
|
|
CVE-2025-43496: Remote content may be loaded even when the ‘Load Remote Images’ setting is turned off.
Affects Mail Drafts |
| x |
x |
x |
|
|
x |
x |
|
|
CVE-2025-43497: An app may be able to break out of its sandbox.
Affects BackBoardServices |
| |
x |
|
|
|
|
|
|
|
CVE-2025-43498: An app may be able to access sensitive user data.
Affects FileProvider |
| x |
x |
x |
x |
|
|
x |
|
|
CVE-2025-43499: An app may be able to access sensitive user data.
Affects Shortcuts |
| |
x |
x |
x |
|
|
|
|
|
CVE-2025-43500: An app may be able to access sensitive user data.
Affects Sandbox Profiles |
| x |
x |
|
|
|
x |
x |
|
|
CVE-2025-43502: An app may be able to bypass certain Privacy preferences.
Affects Safari |
| x |
x |
|
|
|
|
x |
x |
|
CVE-2025-43503: Visiting a malicious website may lead to user interface spoofing.
Affects Safari |
| x |
x |
|
|
|
x |
x |
x |
|
CVE-2025-43504: A user in a privileged network position may be able to cause a denial-of-service.
Affects lldb |
| |
|
|
|
|
|
|
|
x |
CVE-2025-43505: Processing a maliciously crafted file may lead to heap corruption.
Affects GNU |
| |
|
|
|
|
|
|
|
x |
CVE-2025-43506: iCloud Private Relay may not activate when more than one user is logged in at the same time.
Affects Networking |
| |
x |
|
|
|
|
|
|
|
CVE-2025-43507: An app may be able to fingerprint the user.
Affects Find My |
| x |
x |
|
|
|
x |
x |
|
|
