Apple macOS CVE-2025-46280

EUVD ID: EUVD-2025-209942
Severity: MEDIUM (CVSS 3.1 base score 5.5)
Weakness: Out-of-bounds Read (CWE-125)
Published: 2026-05-26 (vendor: apple)

CVSS Vector (source: NVD)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Lifecycle Timeline (5 events)

May 27, 2026 19:42 (vuln.today): Analysis generated
May 27, 2026 19:37 (NVD): CVSS changed to 5.5 (MEDIUM)
May 26, 2026 23:02 (EUVD): Patch available
May 26, 2026 21:32 (nvd): CVE published, MEDIUM 5.5
May 26, 2026 21:32 (nvd): CVE published, UNKNOWN (no severity yet)

Description (source: NVD)

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Tahoe 26. An app may be able to cause unexpected system termination.

Analysis (AI-generated)

Out-of-bounds read in Apple macOS (all versions prior to macOS Tahoe 26) allows a locally authenticated, low-privileged application to trigger unexpected system termination, constituting a local denial-of-service condition. The root cause is insufficient bounds checking in a macOS component, addressed by Apple in macOS Tahoe 26. No public exploit code exists and this vulnerability is not listed in CISA KEV, though a vendor-confirmed patch is available.

Technical Context (AI-generated)

CWE-125 (Out-of-Bounds Read) describes a condition where software reads data past the end or before the beginning of an intended buffer. In this case, a macOS component fails to validate memory access boundaries before reading, allowing a local application to cause the operating system to access invalid memory regions. The CPE string cpe:2.3:a:apple:macos:*:*:*:*:*:*:*:* confirms the vulnerability affects Apple macOS broadly across all versions prior to Tahoe 26. Apple's remediation, improved bounds checking, is the standard mitigation for CWE-125 class vulnerabilities. Notably, the assigned tags include "Information Disclosure", which conflicts with the CVSS vector's C:N (no confidentiality impact); the primary and confirmed impact is availability loss via system termination, and the information disclosure characterization is not independently supported by the available data.

Remediation (AI-generated)

The primary remediation is to upgrade to macOS Tahoe 26, which Apple confirms resolves this issue via improved bounds checking. Refer to the Apple security advisory at https://support.apple.com/en-us/125110 for update instructions. No workarounds are documented by the vendor. If immediate upgrade is not feasible in managed environments, restricting the execution of untrusted third-party applications via macOS Gatekeeper, MDM application allow-listing, or System Integrity Protection (SIP) policies can reduce exposure by limiting which apps can trigger the vulnerable code path, though these controls are compensating measures and do not eliminate the underlying vulnerability.


CVE-2025-46280 vulnerability details – vuln.today
