{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-31256", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "state": "PUBLISHED", "assignerShortName": "apple", "dateReserved": "2025-03-27T16:13:58.336Z", "datePublished": "2025-05-12T21:42:59.586Z", "dateUpdated": "2026-04-02T18:24:55.509Z"}, "containers": {"cna": {"problemTypes": [{"descriptions": [{"lang": "en", "description": "Hot corner may unexpectedly reveal a user\u2019s deleted notes"}]}], "affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"version": "0", "status": "affected", "lessThan": "15.5", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.5. Hot corner may unexpectedly reveal a user\u2019s deleted notes."}], "references": [{"url": "https://support.apple.com/en-us/122716"}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2026-04-02T18:24:55.509Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-200", "lang": "en", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-05-13T20:17:02.712127Z", "id": "CVE-2025-31256", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-14T15:07:52.507Z"}}, {"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2025/May/7"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T19:52:24.710Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2025/May/7"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T19:52:24.710Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-31256", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-05-13T20:17:02.712127Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-13T20:18:00.727Z"}}], "cna": {"affected": [{"vendor": "Apple", "product": "macOS", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "15.5", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/122716"}], "descriptions": [{"lang": "en", "value": "The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.5. Hot corner may unexpectedly reveal a user\u2019s deleted notes."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Hot corner may unexpectedly reveal a user\u2019s deleted notes"}]}], "providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2025-05-12T21:42:59.586Z"}}}, "cveMetadata": {"cveId": "CVE-2025-31256", "state": "PUBLISHED", "dateUpdated": "2025-11-03T19:52:24.710Z", "dateReserved": "2025-03-27T16:13:58.336Z", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "datePublished": "2025-05-12T21:42:59.586Z", "assignerShortName": "apple"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "matchCriteriaId": "EF1B4AB8-2B51-4EED-BD29-C500C83FAB10", "versionEndExcluding": "15.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15.5. Hot corner may unexpectedly reveal a user\u2019s deleted notes."}, {"lang": "es", "value": "El problema se solucion\u00f3 mejorando la gesti\u00f3n de cach\u00e9s. Este problema se solucion\u00f3 en macOS Sequoia 15.5. La esquina activa puede revelar inesperadamente las notas eliminadas de un usuario."}], "id": "CVE-2025-31256", "lastModified": "2025-11-03T20:18:23.583", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2025-05-12T22:15:25.363", "references": [{"source": "product-security@apple.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://support.apple.com/en-us/122716"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2025/May/7"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-28T01:41:03.800415+00:00", "value": {"mitigation_remediation": ["Apply the macOS Sequoia 15.5 update or newer to eliminate the flaw", "Disable or reconfigure the hot\u2011corner functionality in System Settings to prevent accidental triggers", "Restrict access to the Notes application and monitor for anomalous hot\u2011corner activity in sensitive device usage scenarios"], "summary": {"action": "Apply Update", "impact": "Information disclosure via hot corner revealing deleted notes"}, "threat_synthesis": {"affected_systems": "Apple macOS, particularly the Sequoia series. All releases before macOS Sequoia 15.5 are vulnerable; the issue was fixed in macOS Sequoia 15.5. Users running any earlier 15.x version should upgrade.", "description_and_impact": "This vulnerability arises from improper cache handling in the hot\u2011corner feature of macOS. When the user activates a hot corner, the system may inadvertently expose the contents of notes that have been deleted. The result is the privacy breach of potentially sensitive personal information, as documented by CWE\u2011200.", "risk_and_exploitability": "The CVSS score is 5.5, indicating a moderate risk. The EPSS score is less than 1% and the vulnerability is not included in CISA\u2019s KEV catalog, implying a low exploitation probability in the current landscape. Nevertheless, an attacker could exploit the feature locally by initiating a hot\u2011corner action\u2014potentially through user interaction, remote control of a logged\u2011in session, or automated UI scripts\u2014to view deleted notes. The attack vector is likely local but could be leveraged in environments with shared or unattended devices."}}}}, "created": "2026-04-28T01:45:18.316555+00:00", "title": "Hot Corner Reveals Deleted Notes in macOS", "updated": "2026-04-28T01:45:18.316566+00:00", "vendors": []}