macOS
macOS 15.7
Official advisory38 CVEs fixed by this release.
- Release date
- 2025-09-15
- End of support
- —
- CVEs fixed
- 38
- CISA KEV
- 0
- Critical
- 0
- High
- 0
- NVD pending
- 37
CVEs fixed
| CVE | Severity | KEV | Published | Description |
|---|---|---|---|---|
|
CVE-2025-40909
[Apple Perl] Multiple issues in Perl |
MEDIUM 5.9 | — | [Apple Perl] Multiple issues in Perl | |
|
CVE-2025-43292
[Apple CoreMedia] An app may be able to access sensitive user data |
N/A | — | [Apple CoreMedia] An app may be able to access sensitive user data | |
|
CVE-2025-43364
[Apple NetFSFramework] An app may be able to break out of its sandbox |
N/A | — | [Apple NetFSFramework] An app may be able to break out of its sandbox | |
|
CVE-2024-27280
[Apple Ruby] Processing a file may lead to a denial-of-service or potentially disclose memory contents |
N/A | — | [Apple Ruby] Processing a file may lead to a denial-of-service or potentially disclose memory contents | |
|
CVE-2025-24197
[Apple Spotlight] An app may be able to access sensitive user data |
N/A | — | [Apple Spotlight] An app may be able to access sensitive user data | |
|
CVE-2025-31255
[Apple IOKit] An app may be able to access sensitive user data |
N/A | — | [Apple IOKit] An app may be able to access sensitive user data | |
|
CVE-2025-31259
[Apple SoftwareUpdate] An app may be able to gain elevated privileges |
N/A | — | [Apple SoftwareUpdate] An app may be able to gain elevated privileges | |
|
CVE-2025-31268
[Apple Apple Online Store Kit] An app may be able to access protected user data |
N/A | — | [Apple Apple Online Store Kit] An app may be able to access protected user data | |
|
CVE-2025-43190
[Apple Spell Check] An app may be able to access sensitive user data |
N/A | — | [Apple Spell Check] An app may be able to access sensitive user data | |
|
CVE-2025-43285
[Apple AppSandbox] An app may be able to access protected user data |
N/A | — | [Apple AppSandbox] An app may be able to access protected user data | |
|
CVE-2025-43286
[Apple SharedFileList] An app may be able to break out of its sandbox |
N/A | — | [Apple SharedFileList] An app may be able to break out of its sandbox | |
|
CVE-2025-43288
[Apple Archive Utility] An app may be able to bypass Privacy preferences |
N/A | — | [Apple Archive Utility] An app may be able to bypass Privacy preferences | |
|
CVE-2025-43291
[Apple SharedFileList] An app may be able to modify protected parts of the file system |
N/A | — | [Apple SharedFileList] An app may be able to modify protected parts of the file system | |
|
CVE-2025-43293
[Apple SharedFileList] An app may be able to access sensitive user data |
N/A | — | [Apple SharedFileList] An app may be able to access sensitive user data | |
|
CVE-2025-43295
[Apple libc] An app may be able to cause a denial-of-service |
N/A | — | [Apple libc] An app may be able to cause a denial-of-service | |
|
CVE-2025-43298
[Apple PackageKit] An app may be able to gain root privileges |
N/A | — | [Apple PackageKit] An app may be able to gain root privileges | |
|
CVE-2025-43299
[Apple libc] An app may be able to cause a denial-of-service |
N/A | — | [Apple libc] An app may be able to cause a denial-of-service | |
|
CVE-2025-43301
[Apple Notification Center] An app may be able to access contact info related to notifications in Notification Center |
N/A | — | [Apple Notification Center] An app may be able to access contact info related to notifications in Notification Center | |
|
CVE-2025-43302
[Apple IOHIDFamily] An app may be able to cause unexpected system termination |
N/A | — | [Apple IOHIDFamily] An app may be able to cause unexpected system termination | |
|
CVE-2025-43304
[Apple StorageKit] An app may be able to gain root privileges |
N/A | — | [Apple StorageKit] An app may be able to gain root privileges | |
|
CVE-2025-43305
[Apple CoreServices] A malicious app may be able to access private information |
N/A | — | [Apple CoreServices] A malicious app may be able to access private information | |
|
CVE-2025-43308
[Apple Touch Bar Controls] An app may be able to access sensitive user data |
N/A | — | [Apple Touch Bar Controls] An app may be able to access sensitive user data | |
|
CVE-2025-43310
[Apple WindowServer] An app may be able to trick a user into copying sensitive data to the pasteboard |
N/A | — | [Apple WindowServer] An app may be able to trick a user into copying sensitive data to the pasteboard | |
|
CVE-2025-43311
[Apple Touch Bar] An app may be able to access protected user data |
N/A | — | [Apple Touch Bar] An app may be able to access protected user data | |
|
CVE-2025-43312
[Apple AMD] An app may be able to cause unexpected system termination |
N/A | — | [Apple AMD] An app may be able to cause unexpected system termination | |
|
CVE-2025-43314
[Apple StorageKit] An app may be able to access sensitive user data |
N/A | — | [Apple StorageKit] An app may be able to access sensitive user data | |
|
CVE-2025-43315
[Apple MigrationKit] An app may be able to access user-sensitive data |
N/A | — | [Apple MigrationKit] An app may be able to access user-sensitive data | |
|
CVE-2025-43319
[Apple MediaLibrary] An app may be able to access protected user data |
N/A | — | [Apple MediaLibrary] An app may be able to access protected user data | |
|
CVE-2025-43321
[Apple AppKit] An app may be able to access protected user data |
N/A | — | [Apple AppKit] An app may be able to access protected user data | |
|
CVE-2025-43326
[Apple GPU Drivers] An app may be able to access sensitive user data |
N/A | — | [Apple GPU Drivers] An app may be able to access sensitive user data | |
|
CVE-2025-43330
[Apple ATS] An app may be able to break out of its sandbox |
N/A | — | [Apple ATS] An app may be able to break out of its sandbox | |
|
CVE-2025-43332
[Apple Security Initialization] An app may be able to break out of its sandbox |
N/A | — | [Apple Security Initialization] An app may be able to break out of its sandbox | |
|
CVE-2025-43345
[Apple Kernel] An app may be able to access sensitive user data |
N/A | — | [Apple Kernel] An app may be able to access sensitive user data | |
|
CVE-2025-43349
[Apple CoreAudio] Processing a maliciously crafted video file may lead to unexpected app termination |
N/A | — | [Apple CoreAudio] Processing a maliciously crafted video file may lead to unexpected app termination | |
|
CVE-2025-43353
[Apple Libinfo] Processing a maliciously crafted string may lead to heap corruption |
N/A | — | [Apple Libinfo] Processing a maliciously crafted string may lead to heap corruption | |
|
CVE-2025-43355
[Apple MobileStorageMounter] An app may be able to cause a denial-of-service |
N/A | — | [Apple MobileStorageMounter] An app may be able to cause a denial-of-service | |
|
CVE-2025-43358
[Apple Shortcuts] A shortcut may be able to bypass sandbox restrictions |
N/A | — | [Apple Shortcuts] A shortcut may be able to bypass sandbox restrictions | |
|
CVE-2025-43359
[Apple Kernel] A UDP server socket bound to a local interface may become bound to all interfaces |
N/A | — | [Apple Kernel] A UDP server socket bound to a local interface may become bound to all interfaces |