QSearchQSearch

CVE-2025-43306

7.8 HIGH

A logic issue was addressed with improved checks

Published: 2026-05-26 · Last updated: 2026-05-27

Severity and scoring

CVSS
7.8 HIGH
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE
CWE-269

Affected products

VendorProduct
applemacos

Description

A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. A malicious app may be able to gain root privileges.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2025-46307 A logic issue was addressed with improved restrictions (5.5 MEDIUM)
  • CVE-2025-46284 A race condition was addressed with additional validation (7.0 HIGH)
  • CVE-2025-46280 An out-of-bounds read was addressed with improved bounds checking (5.5 MEDIUM)
  • CVE-2025-43451 A permissions issue was addressed by removing the vulnerable code (5.5 MEDIUM)
  • CVE-2025-43290 A permissions issue was addressed with additional restrictions (5.5 MEDIUM)

Same CWE

  • CVE-2026-50570 Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes (8.5 HIGH)
  • CVE-2026-50566 Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes (9.9 CRITICAL)
  • CVE-2026-50565 Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes (4.9 MEDIUM)
  • CVE-2026-50564 Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes (9.9 CRITICAL)
  • CVE-2026-50563 Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes (9.9 CRITICAL)