Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Local vector confirmed by logging context; PR:N because app requires no elevated privileges; UI:R for the user action that triggers data logging; C:H for potential exposure of sensitive user data.
Primary rating from Vendor (apple).
CVSS VectorVendor: apple
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Lifecycle Timeline
5DescriptionCVE.org
A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26.1. An app may be able to access sensitive user data.
AnalysisAI
macOS logs sensitive user data without adequate redaction, allowing a local application to read that data from system logs without requiring elevated privileges. Affecting all macOS versions prior to Tahoe 26.1, the flaw (CWE-532) stems from insufficient data sanitization in the operating system's logging subsystem. An app running in the user context can exploit this to access confidential information that should be protected, with no public exploit identified at time of analysis and an EPSS probability of 0.02%.
Technical ContextAI
CWE-532 (Insertion of Sensitive Information into Log File) describes a class of flaw where an application or OS component writes data to logs that should be treated as sensitive - credentials, tokens, personal information, or private user content - without redacting or masking it. The affected product per CPE is cpe:2.3:a:apple:macos:*:*:*:*:*:*:*:*, covering Apple macOS broadly. The fix, described as 'improved data redaction,' confirms the root cause: the logging pipeline lacked proper sanitization rules for certain data categories. Because log files on macOS may be accessible to sandboxed or unprivileged apps under specific entitlements or log API access, a malicious application could query system logs to retrieve data it otherwise should not have access to. This is a confidentiality-only issue (I:N, A:N in the CVSS vector), with no integrity or availability impact.
RemediationAI
The vendor-released patch is macOS Tahoe 26.1, which addresses this issue with improved log data redaction. Users and administrators should upgrade to macOS Tahoe 26.1 or later as the primary remediation. The Apple security advisory at https://support.apple.com/en-us/125634 documents this fix. No confirmed workaround is available for unpatched systems, but as a compensating control, administrators can restrict third-party application access to system log APIs via macOS privacy controls and MDM policies to reduce the attack surface. Additionally, auditing which applications have been granted log access entitlements can help identify potentially exploiting apps until patching is feasible.
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-210112
GHSA-36xw-wj35-w3q4