An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to break out of its sandbox.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Apple
  • Macos

No data.

No data.

References
Link Providers
https://support.apple.com/en-us/125634 cve-icon cve-icon
History

Mon, 15 Dec 2025 21:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-862
Metrics cvssV3_1

{'score': 5.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Sun, 14 Dec 2025 21:30:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple macos
Vendors & Products Apple
Apple macos

Fri, 12 Dec 2025 21:15:00 +0000

Type Values Removed Values Added
Description An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to break out of its sandbox.
References
cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published: 2025-12-12T20:56:29.746Z

Updated: 2025-12-15T20:50:07.770Z

Reserved: 2025-04-16T15:27:21.192Z

Link: CVE-2025-43497

cve-icon Vulnrichment

Updated: 2025-12-15T20:49:57.104Z

cve-icon NVD

Status : Undergoing Analysis

Published: 2025-12-12T21:15:55.507

Modified: 2025-12-15T21:15:55.230

Link: CVE-2025-43497

cve-icon Redhat

No data.