macOS
macOS 14.8.2
Official advisory50 CVEs fixed by this release.
- Release date
- 2025-11-03
- End of support
- —
- CVEs fixed
- 50
- CISA KEV
- 2
- Critical
- 0
- High
- 2
- NVD pending
- 47
CVEs fixed
| CVE | Severity | KEV | Published | Description |
|---|---|---|---|---|
|
CVE-2025-43510
KEV
[Apple Kernel] A malicious application may cause unexpected changes in memory shared between processes |
N/A | KEV | [Apple Kernel] A malicious application may cause unexpected changes in memory shared between processes | |
|
CVE-2025-43520
KEV
[Apple Kernel] A malicious application may be able to cause unexpected system termination or write kernel memory |
N/A | KEV | [Apple Kernel] A malicious application may be able to cause unexpected system termination or write kernel memory | |
|
CVE-2025-6442
[Apple Ruby] Multiple issues in ruby |
HIGH 7.7 | — | [Apple Ruby] Multiple issues in ruby | |
|
CVE-2024-49761
[Apple Ruby] Multiple issues in ruby |
HIGH 7.5 | — | [Apple Ruby] Multiple issues in ruby | |
|
CVE-2024-43398
[Apple Ruby] Multiple issues in ruby |
MEDIUM 5.9 | — | [Apple Ruby] Multiple issues in ruby | |
|
CVE-2025-43338
[Apple ImageIO] Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process m… |
N/A | — | [Apple ImageIO] Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory | |
|
CVE-2025-43410
[Apple Notes] An attacker with physical access may be able to view deleted notes |
N/A | — | [Apple Notes] An attacker with physical access may be able to view deleted notes | |
|
CVE-2025-43389
[Apple Notes] An app may be able to access sensitive user data |
N/A | — | [Apple Notes] An app may be able to access sensitive user data | |
|
CVE-2025-43398
[Apple Kernel] An app may be able to cause unexpected system termination |
N/A | — | [Apple Kernel] An app may be able to cause unexpected system termination | |
|
CVE-2025-43445
[Apple CoreText] Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process … |
N/A | — | [Apple CoreText] Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory | |
|
CVE-2025-43448
[Apple CloudKit] An app may be able to break out of its sandbox |
N/A | — | [Apple CloudKit] An app may be able to break out of its sandbox | |
|
CVE-2025-43494
[Apple Mail] An attacker may be able to cause a persistent denial-of-service |
N/A | — | [Apple Mail] An attacker may be able to cause a persistent denial-of-service | |
|
CVE-2025-43499
[Apple Shortcuts] An app may be able to access sensitive user data |
N/A | — | [Apple Shortcuts] An app may be able to access sensitive user data | |
|
CVE-2025-30465
[Apple Shortcuts] A shortcut may be able to access files that are normally inaccessible to the Shortcuts app |
N/A | — | [Apple Shortcuts] A shortcut may be able to access files that are normally inaccessible to the Shortcuts app | |
|
CVE-2025-31199
[Apple Logging] An app may be able to access sensitive user data |
N/A | — | [Apple Logging] An app may be able to access sensitive user data | |
|
CVE-2025-43322
[Apple Admin Framework] An app may be able to access user-sensitive data |
N/A | — | [Apple Admin Framework] An app may be able to access user-sensitive data | |
|
CVE-2025-43334
[Apple sudo] An app may be able to access user-sensitive data |
N/A | — | [Apple sudo] An app may be able to access user-sensitive data | |
|
CVE-2025-43335
[Apple Security] An app may be able to access user-sensitive data |
N/A | — | [Apple Security] An app may be able to access user-sensitive data | |
|
CVE-2025-43336
[Apple SoftwareUpdate] An app with root privileges may be able to access private information |
N/A | — | [Apple SoftwareUpdate] An app with root privileges may be able to access private information | |
|
CVE-2025-43348
[Apple Finder] An app may bypass Gatekeeper checks |
N/A | — | [Apple Finder] An app may bypass Gatekeeper checks | |
|
CVE-2025-43361
[Apple Audio] A malicious app may be able to read kernel memory |
N/A | — | [Apple Audio] A malicious app may be able to read kernel memory | |
|
CVE-2025-43372
[Apple CoreMedia] Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process… |
N/A | — | [Apple CoreMedia] Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory | |
|
CVE-2025-43373
[Apple Wi-Fi] An app may be able to cause unexpected system termination or corrupt kernel memory |
N/A | — | [Apple Wi-Fi] An app may be able to cause unexpected system termination or corrupt kernel memory | |
|
CVE-2025-43379
[Apple AppleMobileFileIntegrity] An app may be able to access protected user data |
N/A | — | [Apple AppleMobileFileIntegrity] An app may be able to access protected user data | |
|
CVE-2025-43380
[Apple sips] Parsing a file may lead to an unexpected app termination |
N/A | — | [Apple sips] Parsing a file may lead to an unexpected app termination | |
|
CVE-2025-43382
[Apple CoreServices] An app may be able to access sensitive user data |
N/A | — | [Apple CoreServices] An app may be able to access sensitive user data | |
|
CVE-2025-43391
[Apple Photos] An app may be able to access sensitive user data |
N/A | — | [Apple Photos] An app may be able to access sensitive user data | |
|
CVE-2025-43394
[Apple bootp] An app may be able to access protected user data |
N/A | — | [Apple bootp] An app may be able to access protected user data | |
|
CVE-2025-43395
[Apple configd] An app may be able to access protected user data |
N/A | — | [Apple configd] An app may be able to access protected user data | |
|
CVE-2025-43396
[Apple Installer] A sandboxed app may be able to access sensitive user data |
N/A | — | [Apple Installer] A sandboxed app may be able to access sensitive user data | |
|
CVE-2025-43397
[Apple SoftwareUpdate] An app may be able to cause a denial-of-service |
N/A | — | [Apple SoftwareUpdate] An app may be able to cause a denial-of-service | |
|
CVE-2025-43401
[Apple CoreAnimation] A remote attacker may be able to cause a denial-of-service |
N/A | — | [Apple CoreAnimation] A remote attacker may be able to cause a denial-of-service | |
|
CVE-2025-43405
[Apple Photos] An app may be able to access user-sensitive data |
N/A | — | [Apple Photos] An app may be able to access user-sensitive data | |
|
CVE-2025-43407
[Apple Assets] An app may be able to break out of its sandbox |
N/A | — | [Apple Assets] An app may be able to break out of its sandbox | |
|
CVE-2025-43408
[Apple Share Sheet] An attacker with physical access may be able to access contacts from the lock screen |
N/A | — | [Apple Share Sheet] An attacker with physical access may be able to access contacts from the lock screen | |
|
CVE-2025-43411
[Apple PackageKit] An app may be able to access user-sensitive data |
N/A | — | [Apple PackageKit] An app may be able to access user-sensitive data | |
|
CVE-2025-43412
[Apple TCC] An app may be able to break out of its sandbox |
N/A | — | [Apple TCC] An app may be able to break out of its sandbox | |
|
CVE-2025-43413
[Apple libxpc] A sandboxed app may be able to observe system-wide network connections |
N/A | — | [Apple libxpc] A sandboxed app may be able to observe system-wide network connections | |
|
CVE-2025-43414
[Apple Shortcuts] A shortcut may be able to access files that are normally inaccessible to the Shortcuts app |
N/A | — | [Apple Shortcuts] A shortcut may be able to access files that are normally inaccessible to the Shortcuts app | |
|
CVE-2025-43420
[Apple Dock] An app may be able to access sensitive user data |
N/A | — | [Apple Dock] An app may be able to access sensitive user data | |
|
CVE-2025-43446
[Apple Assets] An app may be able to modify protected parts of the file system |
N/A | — | [Apple Assets] An app may be able to modify protected parts of the file system | |
|
CVE-2025-43468
[Apple AppleMobileFileIntegrity] An app may be able to access sensitive user data |
N/A | — | [Apple AppleMobileFileIntegrity] An app may be able to access sensitive user data | |
|
CVE-2025-43469
[Apple AppleMobileFileIntegrity] An app may be able to access sensitive user data |
N/A | — | [Apple AppleMobileFileIntegrity] An app may be able to access sensitive user data | |
|
CVE-2025-43472
[Apple bash] An app may be able to gain root privileges |
N/A | — | [Apple bash] An app may be able to gain root privileges | |
|
CVE-2025-43474
[Apple GPU Drivers] An app may be able to cause unexpected system termination or read kernel memory |
N/A | — | [Apple GPU Drivers] An app may be able to cause unexpected system termination or read kernel memory | |
|
CVE-2025-43476
[Apple SharedFileList] An app may be able to break out of its sandbox |
N/A | — | [Apple SharedFileList] An app may be able to break out of its sandbox | |
|
CVE-2025-43477
[Apple Siri] An app may be able to access sensitive user data |
N/A | — | [Apple Siri] An app may be able to access sensitive user data | |
|
CVE-2025-43478
[Apple ASP TCP] An app may be able to cause unexpected system termination |
N/A | — | [Apple ASP TCP] An app may be able to cause unexpected system termination | |
|
CVE-2025-43479
[Apple CoreServices] An app may be able to access sensitive user data |
N/A | — | [Apple CoreServices] An app may be able to access sensitive user data | |
|
CVE-2025-43498
[Apple FileProvider] An app may be able to access sensitive user data |
N/A | — | [Apple FileProvider] An app may be able to access sensitive user data |