Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Apple | macOS | affected |
|
No data.
| Vendor | Product | Confidence | Versions |
|---|---|---|---|
| Apple | Macos | — | — |
| Apple | Macos Tahoe | — | — |
Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
| Link | Providers |
|---|---|
| https://support.apple.com/en-us/125634 |
|
Tue, 28 Apr 2026 10:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Improper Symlink Handling Enables Deletion of Protected User Data |
Mon, 15 Dec 2025 22:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* |
Mon, 15 Dec 2025 14:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-59 | |
| Metrics |
cvssV3_1
|
Sun, 14 Dec 2025 21:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Apple
Apple macos Apple macos Tahoe |
|
| Vendors & Products |
Apple
Apple macos Apple macos Tahoe |
Fri, 12 Dec 2025 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Tahoe 26.1. A malicious app may be able to delete protected user data. | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: apple
Published:
Updated: 2026-04-02T18:18:13.797Z
Reserved: 2025-04-16T15:24:37.116Z
Link: CVE-2025-43381
Vulnrichment
Updated: 2025-12-15T13:40:30.357Z
NVD
Status : Analyzed
Published: 2025-12-12T21:15:53.517
Modified: 2025-12-15T22:01:18.707
Link: CVE-2025-43381
Redhat
No data.
OpenCVE Enrichment
Updated: 2026-04-28T10:30:29Z