Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Apple | macOS | affected |
|
No data.
No data.
OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.
| Vendors | Products |
|---|---|
|
Apple
Subscribe
|
Macos
Subscribe
|
No advisories yet.
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
| Link | Providers |
|---|---|
| https://support.apple.com/en-us/122373 |
|
Thu, 11 Jun 2026 21:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | macOS Symlink Handling Exploit Enables Access to Protected User Data | |
| Weaknesses | CWE-22 CWE-284 |
Thu, 11 Jun 2026 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Apple
Apple macos |
|
| Vendors & Products |
Apple
Apple macos |
Thu, 11 Jun 2026 19:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data. | |
| References |
|
Projects
Sign in to view the affected projects.
MITRE
Status: PUBLISHED
Assigner: apple
Published:
Updated: 2026-06-11T18:47:40.718Z
Reserved: 2025-04-16T15:24:37.101Z
Link: CVE-2025-43278
Vulnrichment
No data.
NVD
Status : Undergoing Analysis
Published: 2026-06-11T19:16:33.393
Modified: 2026-06-11T20:51:53.840
Link: CVE-2025-43278
Redhat
No data.
OpenCVE Enrichment
Updated: 2026-06-11T21:15:07Z