Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Apple | macOS | affected |
|
No data.
| Vendor | Product | Confidence | Versions |
|---|---|---|---|
| Apple | Macos | — | — |
| Apple | Macos Tahoe | — | — |
Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
| Link | Providers |
|---|---|
| https://support.apple.com/en-us/125634 |
|
Wed, 22 Apr 2026 21:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Improved Symlink Validation Allows Access to Protected User Data on macOS |
Mon, 15 Dec 2025 22:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* |
Mon, 15 Dec 2025 14:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-59 | |
| Metrics |
cvssV3_1
|
Sun, 14 Dec 2025 21:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Apple
Apple macos Apple macos Tahoe |
|
| Vendors & Products |
Apple
Apple macos Apple macos Tahoe |
Fri, 12 Dec 2025 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Tahoe 26.1. An app may be able to access protected user data. | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: apple
Published:
Updated: 2026-04-02T18:20:27.305Z
Reserved: 2025-04-16T15:24:37.126Z
Link: CVE-2025-43461
Vulnrichment
Updated: 2025-12-15T13:39:31.472Z
NVD
Status : Analyzed
Published: 2025-12-12T21:15:54.410
Modified: 2025-12-15T22:06:40.040
Link: CVE-2025-43461
Redhat
No data.
OpenCVE Enrichment
Updated: 2026-04-22T20:45:27Z