CVE-2025-46293
MEDIUMDescription
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data.
Is your site exposed to CVE-2025-46293?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
EPSS — Exploit Prediction
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| apple | macos |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-46293? +
How severe is CVE-2025-46293? +
What products are affected by CVE-2025-46293? +
How do I check if I'm vulnerable to CVE-2025-46293? +
Related Vulnerabilities
Metabase is a business intelligence and embedded analytics tool. Versions prior to v0.52.16.4, v1.52.16.4, v0.53.8, and v1.53.8 are vulnerable to …
Improper Link Resolution Before File Access ('Link Following') vulnerability in QFileSystemEngine in the Qt corelib module on Windows which potentially …
Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Passwordless on Windows allows Privilege Escalation.This issue affects HYPR …
Improper Link Resolution Before File Access ('Link Following') vulnerability in yrutschle sslh.This issue affects sslh: before 2.2.2.
Model Context Protocol Servers is a collection of reference implementations for the model context protocol (MCP). Versions of Filesystem prior …
An issue in Cato Networks' CatoClient for Linux, before version 5.5, allows a local attacker to escalate privileges to root …