CVE-2025-43466
MEDIUMDescription
An injection issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data.
Is your site exposed to CVE-2025-43466?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| apple | macos |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-43466? +
How severe is CVE-2025-43466? +
What products are affected by CVE-2025-43466? +
How do I check if I'm vulnerable to CVE-2025-43466? +
Related Vulnerabilities
The AWS Amplify Studio UI component property expressions in the aws-amplify/amplify-codegen-ui package lack input validation. This could potentially allow an …
SEPPmail Secure Email Gateway before version 15.0.2.1 allows unauthenticated remote code execution in the new GINA UI because an endpoint …
In Teltonika Networks RUTOS devices, running versions 7.22 through 7.23.2 and TSWOS devices running versions 1.09 through 1.09.1, due to …
A vulnerability, that could result in Remote Code Execution (RCE), has been found in DocsGPT. Due to improper parsing of …
picklescan before 1.0.3 contains a scanning bypass vulnerability in the scan_pytorch function that allows attackers to embed malicious magic numbers …
The OZI action is a GitHub Action that publishes releases to PyPI and mirror releases, signature bundles, and provenance in …