This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Apple |
|
No data.
No data.
OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.
| Vendors | Products |
|---|---|
| Apple |
|
References
| Link | Providers |
|---|---|
| https://support.apple.com/en-us/122373 |
|
History
Thu, 11 Jun 2026 22:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | macOS Symlink Handling Exploit Enables Access to Protected User Data | |
| Weaknesses | CWE-22 CWE-284 |
Thu, 11 Jun 2026 21:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | macOS Symlink Handling Exploit Enables Access to Protected User Data | |
| Weaknesses | CWE-22 CWE-284 |
Thu, 11 Jun 2026 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Apple
Apple macos |
|
| Vendors & Products |
Apple
Apple macos |
Thu, 11 Jun 2026 19:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data. | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: apple
Published:
Updated: 2026-06-11T18:47:40.718Z
Reserved: 2025-04-16T15:24:37.101Z
Link: CVE-2025-43278
Vulnrichment
No data.
NVD
Status : Undergoing Analysis
Published: 2026-06-11T19:16:33.393
Modified: 2026-06-11T20:51:53.840
Link: CVE-2025-43278
Redhat
No data.
OpenCVE Enrichment
Updated: 2026-06-11T22:30:09Z