macOS
macOS 26.1
Official advisory111 CVEs fixed by this release.
- Release date
- 2025-11-03
- End of support
- —
- CVEs fixed
- 111
- CISA KEV
- 2
- Critical
- 0
- High
- 2
- NVD pending
- 105
CVEs fixed
| CVE | Severity | KEV | Published | Description |
|---|---|---|---|---|
|
CVE-2025-43510
KEV
[Apple Kernel] A malicious application may cause unexpected changes in memory shared between processes |
N/A | KEV | [Apple Kernel] A malicious application may cause unexpected changes in memory shared between processes | |
|
CVE-2025-43520
KEV
[Apple Kernel] A malicious application may be able to cause unexpected system termination or write kernel memory |
N/A | KEV | [Apple Kernel] A malicious application may be able to cause unexpected system termination or write kernel memory | |
|
CVE-2025-6442
[Apple Ruby] Multiple issues in ruby |
HIGH 7.7 | — | [Apple Ruby] Multiple issues in ruby | |
|
CVE-2024-49761
[Apple Ruby] Multiple issues in ruby |
HIGH 7.5 | — | [Apple Ruby] Multiple issues in ruby | |
|
CVE-2024-43398
[Apple Ruby] Multiple issues in ruby |
MEDIUM 5.9 | — | [Apple Ruby] Multiple issues in ruby | |
|
CVE-2025-46316
An out-of-bounds read was addressed with improved input validation. This issue is fixed in Pages 15.1, iOS 26.1 and iPa… |
MEDIUM 4.3 | — | An out-of-bounds read was addressed with improved input validation. This issue is fixed in Pages 15.1, iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1. Processing a… | |
|
CVE-2025-53906
[Apple Vim] A path handling issue was addressed with improved validation |
MEDIUM 4.1 | — | [Apple Vim] A path handling issue was addressed with improved validation | |
|
CVE-2025-32462
[Apple sudo] In certain configurations, an attacker with host-limited sudo access may be able to elevate privileges |
LOW 2.8 | — | [Apple sudo] In certain configurations, an attacker with host-limited sudo access may be able to elevate privileges | |
|
CVE-2025-43402
[Apple WindowServer] An app may be able to cause unexpected system termination or corrupt process memory |
N/A | — | [Apple WindowServer] An app may be able to cause unexpected system termination or corrupt process memory | |
|
CVE-2025-43463
[Apple StorageKit] An app may be able to access sensitive user data |
N/A | — | [Apple StorageKit] An app may be able to access sensitive user data | |
|
CVE-2025-43377
[Apple Model I/O] An app may be able to cause a denial-of-service |
N/A | — | [Apple Model I/O] An app may be able to cause a denial-of-service | |
|
CVE-2025-43383
[Apple Model I/O] Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process… |
N/A | — | [Apple Model I/O] Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory | |
|
CVE-2025-43384
[Apple Model I/O] Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process… |
N/A | — | [Apple Model I/O] Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory | |
|
CVE-2025-43385
[Apple Model I/O] Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process… |
N/A | — | [Apple Model I/O] Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory | |
|
CVE-2025-43386
[Apple Model I/O] Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process… |
N/A | — | [Apple Model I/O] Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory | |
|
CVE-2025-43389
[Apple Notes] An app may be able to access sensitive user data |
N/A | — | [Apple Notes] An app may be able to access sensitive user data | |
|
CVE-2025-43392
[Apple WebKit Canvas] A website may exfiltrate image data cross-origin |
N/A | — | [Apple WebKit Canvas] A website may exfiltrate image data cross-origin | |
|
CVE-2025-43398
[Apple Kernel] An app may be able to cause unexpected system termination |
N/A | — | [Apple Kernel] An app may be able to cause unexpected system termination | |
|
CVE-2025-43399
[Apple Siri] An app may be able to access protected user data |
N/A | — | [Apple Siri] An app may be able to access protected user data | |
|
CVE-2025-43423
[Apple Audio] An attacker with physical access to an unlocked device paired with a Mac may be able to view sensitive us… |
N/A | — | [Apple Audio] An attacker with physical access to an unlocked device paired with a Mac may be able to view sensitive user information in system logging | |
|
CVE-2025-43429
[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash | |
|
CVE-2025-43431
[Apple WebKit] Processing maliciously crafted web content may lead to memory corruption |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to memory corruption | |
|
CVE-2025-43433
[Apple WebKit] Processing maliciously crafted web content may lead to memory corruption |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to memory corruption | |
|
CVE-2025-43434
[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected Safari crash |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to an unexpected Safari crash | |
|
CVE-2025-43435
[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash | |
|
CVE-2025-43438
[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected Safari crash |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to an unexpected Safari crash | |
|
CVE-2025-43441
[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash | |
|
CVE-2025-43443
[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash | |
|
CVE-2025-43444
[Apple Installer] An app may be able to fingerprint the user |
N/A | — | [Apple Installer] An app may be able to fingerprint the user | |
|
CVE-2025-43445
[Apple CoreText] Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process … |
N/A | — | [Apple CoreText] Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory | |
|
CVE-2025-43448
[Apple CloudKit] An app may be able to break out of its sandbox |
N/A | — | [Apple CloudKit] An app may be able to break out of its sandbox | |
|
CVE-2025-43458
[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash | |
|
CVE-2025-43493
[Apple Safari] Visiting a malicious website may lead to address bar spoofing |
N/A | — | [Apple Safari] Visiting a malicious website may lead to address bar spoofing | |
|
CVE-2025-43494
[Apple Mail] An attacker may be able to cause a persistent denial-of-service |
N/A | — | [Apple Mail] An attacker may be able to cause a persistent denial-of-service | |
|
CVE-2025-43496
[Apple Mail] Remote content may be loaded even when the 'Load Remote Images' setting is turned off |
N/A | — | [Apple Mail] Remote content may be loaded even when the 'Load Remote Images' setting is turned off | |
|
CVE-2025-43499
[Apple Shortcuts] An app may be able to access sensitive user data |
N/A | — | [Apple Shortcuts] An app may be able to access sensitive user data | |
|
CVE-2025-43503
[Apple Safari] Visiting a malicious website may lead to user interface spoofing |
N/A | — | [Apple Safari] Visiting a malicious website may lead to user interface spoofing | |
|
CVE-2025-43507
[Apple Find My] An app may be able to fingerprint the user |
N/A | — | [Apple Find My] An app may be able to fingerprint the user | |
|
CVE-2025-30465
[Apple Shortcuts] A shortcut may be able to access files that are normally inaccessible to the Shortcuts app |
N/A | — | [Apple Shortcuts] A shortcut may be able to access files that are normally inaccessible to the Shortcuts app | |
|
CVE-2025-43322
[Apple Admin Framework] An app may be able to access user-sensitive data |
N/A | — | [Apple Admin Framework] An app may be able to access user-sensitive data | |
|
CVE-2025-43334
[Apple sudo] An app may be able to access user-sensitive data |
N/A | — | [Apple sudo] An app may be able to access user-sensitive data | |
|
CVE-2025-43335
[Apple Security] An app may be able to access user-sensitive data |
N/A | — | [Apple Security] An app may be able to access user-sensitive data | |
|
CVE-2025-43336
[Apple SoftwareUpdate] An app with root privileges may be able to access private information |
N/A | — | [Apple SoftwareUpdate] An app with root privileges may be able to access private information | |
|
CVE-2025-43348
[Apple Finder] An app may bypass Gatekeeper checks |
N/A | — | [Apple Finder] An app may bypass Gatekeeper checks | |
|
CVE-2025-43351
[Apple StorageKit] An app may be able to access protected user data |
N/A | — | [Apple StorageKit] An app may be able to access protected user data | |
|
CVE-2025-43364
[Apple NetFSFramework] An app may be able to break out of its sandbox |
N/A | — | [Apple NetFSFramework] An app may be able to break out of its sandbox | |
|
CVE-2025-43373
[Apple Wi-Fi] An app may be able to cause unexpected system termination or corrupt kernel memory |
N/A | — | [Apple Wi-Fi] An app may be able to cause unexpected system termination or corrupt kernel memory | |
|
CVE-2025-43378
[Apple AppleMobileFileIntegrity] An app may be able to access sensitive user data |
N/A | — | [Apple AppleMobileFileIntegrity] An app may be able to access sensitive user data | |
|
CVE-2025-43379
[Apple AppleMobileFileIntegrity] An app may be able to access protected user data |
N/A | — | [Apple AppleMobileFileIntegrity] An app may be able to access protected user data | |
|
CVE-2025-43380
[Apple sips] Parsing a file may lead to an unexpected app termination |
N/A | — | [Apple sips] Parsing a file may lead to an unexpected app termination | |
|
CVE-2025-43381
[Apple CoreServicesUIAgent] A malicious app may be able to delete protected user data |
N/A | — | [Apple CoreServicesUIAgent] A malicious app may be able to delete protected user data | |
|
CVE-2025-43382
[Apple CoreServices] An app may be able to access sensitive user data |
N/A | — | [Apple CoreServices] An app may be able to access sensitive user data | |
|
CVE-2025-43387
[Apple DiskArbitration] A malicious app may be able to gain root privileges |
N/A | — | [Apple DiskArbitration] A malicious app may be able to gain root privileges | |
|
CVE-2025-43388
[Apple AppleMobileFileIntegrity] An app may be able to access sensitive user data |
N/A | — | [Apple AppleMobileFileIntegrity] An app may be able to access sensitive user data | |
|
CVE-2025-43390
[Apple AppleMobileFileIntegrity] An app may be able to access user-sensitive data |
N/A | — | [Apple AppleMobileFileIntegrity] An app may be able to access user-sensitive data | |
|
CVE-2025-43391
[Apple Photos] An app may be able to access sensitive user data |
N/A | — | [Apple Photos] An app may be able to access sensitive user data | |
|
CVE-2025-43393
[Apple quarantine] An app may be able to break out of its sandbox |
N/A | — | [Apple quarantine] An app may be able to break out of its sandbox | |
|
CVE-2025-43394
[Apple bootp] An app may be able to access protected user data |
N/A | — | [Apple bootp] An app may be able to access protected user data | |
|
CVE-2025-43395
[Apple configd] An app may be able to access protected user data |
N/A | — | [Apple configd] An app may be able to access protected user data | |
|
CVE-2025-43396
[Apple Installer] A sandboxed app may be able to access sensitive user data |
N/A | — | [Apple Installer] A sandboxed app may be able to access sensitive user data | |
|
CVE-2025-43397
[Apple SoftwareUpdate] An app may be able to cause a denial-of-service |
N/A | — | [Apple SoftwareUpdate] An app may be able to cause a denial-of-service | |
|
CVE-2025-43401
[Apple CoreAnimation] A remote attacker may be able to cause a denial-of-service |
N/A | — | [Apple CoreAnimation] A remote attacker may be able to cause a denial-of-service | |
|
CVE-2025-43404
[Apple Sandbox] An app may be able to access sensitive user data |
N/A | — | [Apple Sandbox] An app may be able to access sensitive user data | |
|
CVE-2025-43405
[Apple Photos] An app may be able to access user-sensitive data |
N/A | — | [Apple Photos] An app may be able to access user-sensitive data | |
|
CVE-2025-43406
[Apple Sandbox] An app may be able to access sensitive user data |
N/A | — | [Apple Sandbox] An app may be able to access sensitive user data | |
|
CVE-2025-43407
[Apple Assets] An app may be able to break out of its sandbox |
N/A | — | [Apple Assets] An app may be able to break out of its sandbox | |
|
CVE-2025-43408
[Apple Share Sheet] An attacker with physical access may be able to access contacts from the lock screen |
N/A | — | [Apple Share Sheet] An attacker with physical access may be able to access contacts from the lock screen | |
|
CVE-2025-43409
[Apple Spotlight] An app may be able to access sensitive user data |
N/A | — | [Apple Spotlight] An app may be able to access sensitive user data | |
|
CVE-2025-43411
[Apple PackageKit] An app may be able to access user-sensitive data |
N/A | — | [Apple PackageKit] An app may be able to access user-sensitive data | |
|
CVE-2025-43412
[Apple TCC] An app may be able to break out of its sandbox |
N/A | — | [Apple TCC] An app may be able to break out of its sandbox | |
|
CVE-2025-43413
[Apple libxpc] A sandboxed app may be able to observe system-wide network connections |
N/A | — | [Apple libxpc] A sandboxed app may be able to observe system-wide network connections | |
|
CVE-2025-43414
[Apple Shortcuts] A shortcut may be able to access files that are normally inaccessible to the Shortcuts app |
N/A | — | [Apple Shortcuts] A shortcut may be able to access files that are normally inaccessible to the Shortcuts app | |
|
CVE-2025-43420
[Apple Dock] An app may be able to access sensitive user data |
N/A | — | [Apple Dock] An app may be able to access sensitive user data | |
|
CVE-2025-43421
[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash | |
|
CVE-2025-43424
[Apple Multi-Touch] A malicious HID device may cause an unexpected process crash |
N/A | — | [Apple Multi-Touch] A malicious HID device may cause an unexpected process crash | |
|
CVE-2025-43425
[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash | |
|
CVE-2025-43426
[Apple Contacts] An app may be able to access sensitive user data |
N/A | — | [Apple Contacts] An app may be able to access sensitive user data | |
|
CVE-2025-43427
[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash | |
|
CVE-2025-43430
[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash | |
|
CVE-2025-43432
[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash | |
|
CVE-2025-43436
[Apple CoreServices] An app may be able to enumerate a user's installed apps |
N/A | — | [Apple CoreServices] An app may be able to enumerate a user's installed apps | |
|
CVE-2025-43440
[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to an unexpected process crash | |
|
CVE-2025-43446
[Apple Assets] An app may be able to modify protected parts of the file system |
N/A | — | [Apple Assets] An app may be able to modify protected parts of the file system | |
|
CVE-2025-43447
[Apple Apple Neural Engine] An app may be able to cause unexpected system termination or corrupt kernel memory |
N/A | — | [Apple Apple Neural Engine] An app may be able to cause unexpected system termination or corrupt kernel memory | |
|
CVE-2025-43455
[Apple Apple Account] A malicious app may be able to take a screenshot of sensitive information in embedded views |
N/A | — | [Apple Apple Account] A malicious app may be able to take a screenshot of sensitive information in embedded views | |
|
CVE-2025-43457
[Apple WebKit] Processing maliciously crafted web content may lead to an unexpected Safari crash |
N/A | — | [Apple WebKit] Processing maliciously crafted web content may lead to an unexpected Safari crash | |
|
CVE-2025-43461
[Apple configd] An app may be able to access protected user data |
N/A | — | [Apple configd] An app may be able to access protected user data | |
|
CVE-2025-43462
[Apple Apple Neural Engine] An app may be able to cause unexpected system termination or corrupt kernel memory |
N/A | — | [Apple Apple Neural Engine] An app may be able to cause unexpected system termination or corrupt kernel memory | |
|
CVE-2025-43464
[Apple dyld] Visiting a website may lead to an app denial-of-service |
N/A | — | [Apple dyld] Visiting a website may lead to an app denial-of-service | |
|
CVE-2025-43465
[Apple ATS] An app may be able to access sensitive user data |
N/A | — | [Apple ATS] An app may be able to access sensitive user data | |
|
CVE-2025-43466
[Apple AppleMobileFileIntegrity] An app may be able to access sensitive user data |
N/A | — | [Apple AppleMobileFileIntegrity] An app may be able to access sensitive user data | |
|
CVE-2025-43467
[Apple Installer] An app may be able to gain root privileges |
N/A | — | [Apple Installer] An app may be able to gain root privileges | |
|
CVE-2025-43468
[Apple AppleMobileFileIntegrity] An app may be able to access sensitive user data |
N/A | — | [Apple AppleMobileFileIntegrity] An app may be able to access sensitive user data | |
|
CVE-2025-43469
[Apple AppleMobileFileIntegrity] An app may be able to access sensitive user data |
N/A | — | [Apple AppleMobileFileIntegrity] An app may be able to access sensitive user data | |
|
CVE-2025-43470
[Apple Disk Images] A standard user may be able to view files made from a disk image belonging to an administrator |
N/A | — | [Apple Disk Images] A standard user may be able to view files made from a disk image belonging to an administrator | |
|
CVE-2025-43471
[Apple Admin Framework] An app may be able to access sensitive user data |
N/A | — | [Apple Admin Framework] An app may be able to access sensitive user data | |
|
CVE-2025-43472
[Apple bash] An app may be able to gain root privileges |
N/A | — | [Apple bash] An app may be able to gain root privileges | |
|
CVE-2025-43473
[Apple Shortcuts] An app may be able to access sensitive user data |
N/A | — | [Apple Shortcuts] An app may be able to access sensitive user data | |
|
CVE-2025-43474
[Apple GPU Drivers] An app may be able to cause unexpected system termination or read kernel memory |
N/A | — | [Apple GPU Drivers] An app may be able to cause unexpected system termination or read kernel memory | |
|
CVE-2025-43476
[Apple SharedFileList] An app may be able to break out of its sandbox |
N/A | — | [Apple SharedFileList] An app may be able to break out of its sandbox | |
|
CVE-2025-43477
[Apple Siri] An app may be able to access sensitive user data |
N/A | — | [Apple Siri] An app may be able to access sensitive user data | |
|
CVE-2025-43478
[Apple ASP TCP] An app may be able to cause unexpected system termination |
N/A | — | [Apple ASP TCP] An app may be able to cause unexpected system termination | |
|
CVE-2025-43479
[Apple CoreServices] An app may be able to access sensitive user data |
N/A | — | [Apple CoreServices] An app may be able to access sensitive user data | |
|
CVE-2025-43480
[Apple WebKit] A malicious website may exfiltrate data cross-origin |
N/A | — | [Apple WebKit] A malicious website may exfiltrate data cross-origin | |
|
CVE-2025-43481
[Apple Disk Images] An app may be able to break out of its sandbox |
N/A | — | [Apple Disk Images] An app may be able to break out of its sandbox | |
|
CVE-2025-43497
[Apple BackBoardServices] An app may be able to break out of its sandbox |
N/A | — | [Apple BackBoardServices] An app may be able to break out of its sandbox | |
|
CVE-2025-43498
[Apple FileProvider] An app may be able to access sensitive user data |
N/A | — | [Apple FileProvider] An app may be able to access sensitive user data | |
|
CVE-2025-43500
[Apple Sandbox Profiles] An app may be able to access sensitive user data |
N/A | — | [Apple Sandbox Profiles] An app may be able to access sensitive user data | |
|
CVE-2025-43502
[Apple Safari] An app may be able to bypass certain Privacy preferences |
N/A | — | [Apple Safari] An app may be able to bypass certain Privacy preferences | |
|
CVE-2025-43506
[Apple Networking] iCloud Private Relay may not activate when more than one user is logged in at the same time |
N/A | — | [Apple Networking] iCloud Private Relay may not activate when more than one user is logged in at the same time | |
|
CVE-2025-43508
[Apple Phone] An app may be able to access sensitive user data |
N/A | — | [Apple Phone] An app may be able to access sensitive user data |