Shodan
Vulnerabilities
Vulnerable Software
Apple:  >> Macos  Security Vulnerabilities
CVE-2025-43381
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Tahoe 26.1. A malicious app may be able to delete protected user data.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-12-12
CVE-2025-43388
An injection issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-12-12
CVE-2025-43393
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to break out of its sandbox.
CVSS Score
5.2
EPSS Score
0.0
Published
2025-12-12
CVE-2025-43402
The issue was addressed with improved memory handling. This issue is fixed in macOS Tahoe 26.1. An app may be able to cause unexpected system termination or corrupt process memory.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-12-12
CVE-2025-43404
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data.
CVSS Score
3.3
EPSS Score
0.0
Published
2025-12-12
CVE-2025-14373
Inappropriate implementation in Toolbar in Google Chrome on Android prior to 143.0.7499.110 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVSS Score
4.3
EPSS Score
0.0
Published
2025-12-12
CVE-2025-14174
Known exploited
Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
CVSS Score
8.8
EPSS Score
0.006
Published
2025-12-12
CVE-2025-14372
Use after free in Password Manager in Google Chrome prior to 143.0.7499.110 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVSS Score
6.1
EPSS Score
0.0
Published
2025-12-12
CVE-2025-12843
Code Injection using Electron Fuses in waveterm on MacOS allows TCC Bypass. This issue affects waveterm: 0.12.2.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-12-12
CVE-2025-59803
Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via triggers. An attacker can embed triggers (e.g., JavaScript) in a PDF document that execute during the signing process. When a signer reviews the document, the content appears normal. However, once the signature is applied, the triggers modify content on other pages or optional content layers without explicit warning. This can cause the signed PDF to differ from what the signer saw, undermining the trustworthiness of the digital signature. The fixed versions are 2025.2.1, 14.0.1, and 13.2.1.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-12-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved