macOS

macOS 15.7.3

26 CVEs fixed by this release.

Release date: 2025-12-12
End of support: —
CVEs fixed: 26

CISA KEV: 0
Critical: 0
High: 0
NVD pending: 23

CVEs fixed

CVE	Severity	KEV	Published	Description
CVE-2024-7264 2025-12-12 [Apple curl] Multiple issues in curl	MEDIUM 6.5	—	2025-12-12	[Apple curl] Multiple issues in curl
CVE-2025-9086 2025-12-12 [Apple curl] Multiple issues in curl	MEDIUM 4.3	—	2025-12-12	[Apple curl] Multiple issues in curl
CVE-2025-5918 2025-12-12 [Apple libarchive] Processing a file may lead to memory corruption	LOW 3.9	—	2025-12-12	[Apple libarchive] Processing a file may lead to memory corruption
CVE-2025-43320 2025-12-12 [Apple AppleMobileFileIntegrity] An app may be able to bypass launch constraint protections and execute malicious code …	N/A	—	2025-12-12	[Apple AppleMobileFileIntegrity] An app may be able to bypass launch constraint protections and execute malicious code with elevated privileges
CVE-2025-43416 2025-12-12 [Apple sudo] An app may be able to access protected user data	N/A	—	2025-12-12	[Apple sudo] An app may be able to access protected user data
CVE-2025-43463 2025-12-12 [Apple StorageKit] An app may be able to access sensitive user data	N/A	—	2025-12-12	[Apple StorageKit] An app may be able to access sensitive user data
CVE-2025-43482 2025-12-12 [Apple Audio] An app may be able to cause a denial-of-service	N/A	—	2025-12-12	[Apple Audio] An app may be able to cause a denial-of-service
CVE-2025-43509 2025-12-12 [Apple Networking] An app may be able to access sensitive user data	N/A	—	2025-12-12	[Apple Networking] An app may be able to access sensitive user data
CVE-2025-43512 2025-12-12 [Apple Kernel] An app may be able to elevate privileges	N/A	—	2025-12-12	[Apple Kernel] An app may be able to elevate privileges
CVE-2025-43513 2025-12-12 [Apple MDM Configuration Tools] An app may be able to read sensitive location information	N/A	—	2025-12-12	[Apple MDM Configuration Tools] An app may be able to read sensitive location information
CVE-2025-43516 2025-12-12 [Apple Voice Control] A user with Voice Control enabled may be able to transcribe another user's activity	N/A	—	2025-12-12	[Apple Voice Control] A user with Voice Control enabled may be able to transcribe another user's activity
CVE-2025-43517 2025-12-12 [Apple Call History] An app may be able to access protected user data	N/A	—	2025-12-12	[Apple Call History] An app may be able to access protected user data
CVE-2025-43518 2025-12-12 [Apple Foundation] An app may be able to inappropriately access files through the spellcheck API	N/A	—	2025-12-12	[Apple Foundation] An app may be able to inappropriately access files through the spellcheck API
CVE-2025-43519 2025-12-12 [Apple AppleMobileFileIntegrity] An app may be able to access sensitive user data	N/A	—	2025-12-12	[Apple AppleMobileFileIntegrity] An app may be able to access sensitive user data
CVE-2025-43521 2025-12-12 [Apple AppleMobileFileIntegrity] An app may be able to access sensitive user data	N/A	—	2025-12-12	[Apple AppleMobileFileIntegrity] An app may be able to access sensitive user data
CVE-2025-43522 2025-12-12 [Apple AppleMobileFileIntegrity] An app may be able to access user-sensitive data	N/A	—	2025-12-12	[Apple AppleMobileFileIntegrity] An app may be able to access user-sensitive data
CVE-2025-43523 2025-12-12 [Apple AppleMobileFileIntegrity] An app may be able to access sensitive user data	N/A	—	2025-12-12	[Apple AppleMobileFileIntegrity] An app may be able to access sensitive user data
CVE-2025-43527 2025-12-12 [Apple StorageKit] An app may be able to gain root privileges	N/A	—	2025-12-12	[Apple StorageKit] An app may be able to gain root privileges
CVE-2025-43530 2025-12-12 [Apple VoiceOver] An app may be able to access sensitive user data	N/A	—	2025-12-12	[Apple VoiceOver] An app may be able to access sensitive user data
CVE-2025-43532 2025-12-12 [Apple Foundation] Processing malicious data may lead to unexpected app termination	N/A	—	2025-12-12	[Apple Foundation] Processing malicious data may lead to unexpected app termination
CVE-2025-43539 2025-12-12 [Apple AppleJPEG] Processing a file may lead to memory corruption	N/A	—	2025-12-12	[Apple AppleJPEG] Processing a file may lead to memory corruption
CVE-2025-43542 2025-12-12 [Apple FaceTime] Password fields may be unintentionally revealed when remotely controlling a device over FaceTime	N/A	—	2025-12-12	[Apple FaceTime] Password fields may be unintentionally revealed when remotely controlling a device over FaceTime
CVE-2025-46276 2025-12-12 [Apple Messages] An app may be able to access sensitive user data	N/A	—	2025-12-12	[Apple Messages] An app may be able to access sensitive user data
CVE-2025-46285 2025-12-12 [Apple Kernel] An app may be able to gain root privileges	N/A	—	2025-12-12	[Apple Kernel] An app may be able to gain root privileges
CVE-2025-46287 2025-12-12 [Apple Call History] An attacker may be able to spoof their FaceTime caller ID	N/A	—	2025-12-12	[Apple Call History] An attacker may be able to spoof their FaceTime caller ID
CVE-2025-46289 2025-12-12 [Apple AppSandbox] An app may be able to access protected user data	N/A	—	2025-12-12	[Apple AppSandbox] An app may be able to access protected user data