CVE-2025-43381
MEDIUMDescription
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Tahoe 26.1. A malicious app may be able to delete protected user data.
Is your site exposed to CVE-2025-43381?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| apple | macos |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-43381? +
How severe is CVE-2025-43381? +
What products are affected by CVE-2025-43381? +
How do I check if I'm vulnerable to CVE-2025-43381? +
Related Vulnerabilities
Activepieces is an open source AI workflow automation platform. Prior to 0.82.0, the git-sync feature clones a user-configured Git repository …
Metabase is a business intelligence and embedded analytics tool. Versions prior to v0.52.16.4, v1.52.16.4, v0.53.8, and v1.53.8 are vulnerable to …
An Improper link resolution before file access ('link following') vulnerability in the File Shredder module as used in Bitdefender Total …
Improper Link Resolution Before File Access ('Link Following') vulnerability in QFileSystemEngine in the Qt corelib module on Windows which potentially …
Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Passwordless on Windows allows Privilege Escalation.This issue affects HYPR …
Improper Link Resolution Before File Access ('Link Following') vulnerability in yrutschle sslh.This issue affects sslh: before 2.2.2.