QSearchQSearch

CVE-2025-43357

3.3 LOW

This issue was addressed with improved redaction of sensitive information

Published: 2025-09-15 · Last updated: 2026-05-26

Severity and scoring

CVSS
3.3 LOW
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CWE
CWE-359

Affected products

VendorProduct
appleipados, iphone_os, macos

Description

This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 18.7 and iPadOS 18.7, iOS 26 and iPadOS 26, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to fingerprint the user.

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2025-46307 A logic issue was addressed with improved restrictions (5.5 MEDIUM)
  • CVE-2025-46284 A race condition was addressed with additional validation (7.0 HIGH)
  • CVE-2025-46280 An out-of-bounds read was addressed with improved bounds checking (5.5 MEDIUM)
  • CVE-2025-43451 A permissions issue was addressed by removing the vulnerable code (5.5 MEDIUM)
  • CVE-2025-43306 A logic issue was addressed with improved checks (7.8 HIGH)

Same CWE

  • CVE-2026-26237 A missing authorization vulnerability has been reported to affect QuMagie
  • CVE-2026-25699 Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer (6.1 MEDIUM)
  • CVE-2020-25900 HelloTalk through 3.4.1 stores full-precision GPS coordinates even when the user had intended to share only a country or city (5.3 MEDIUM)
  • CVE-2026-8990 A user with physical access to a smartphone can bypass authentication mechanism of Kidsview mobile application and grant himself full acc...
  • CVE-2025-13477 Exposure of private personal information to an unauthorized actor, Insufficiently Protected Credentials vulnerability in Digital Operatio... (7.1 HIGH)