VDB
CVE-2025-46278
CVE-2025-46278
PUBLISHED
CVSS 5 MEDIUM
The issue was addressed with improved handling of caches. This issue is fixed in macOS Tahoe 26.2. An app may be able to access protected user data.
EPSS 0.01% · 2.1th percentile
Risk Scores
CVSS 3.1
5
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N
EPSS Score
0.01%
2.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| apple | macos | 0 |
| Apple | macOS | unspecified |
Exploit Intelligence
- CIRCL seen: CVE-2025-46278 (circl-sighting)
- https://support.apple.com/en-us/125886 (circl)
- macos_v2_generated.go (github-poc)
- macos_v2_generated.go (github-poc)
- macos_v2_generated.go (github-poc)
- macos_v2_generated.go (github-poc)
- macos_v2_generated.go (github-poc)
- macos_v1_generated.go (github-poc)
- macos_v1_generated.go (github-poc)
- macos_v1_generated.go (github-poc)
…and 2 more exploits
Timeline
- Dec 15, 2025 CVE Published
- Dec 17, 2025 PoC Published
- Dec 18, 2025 EPSS Score
- Dec 22, 2025 EPSS Score
- Dec 26, 2025 EPSS Score
- Dec 30, 2025 EPSS Score
- Jan 3, 2026 EPSS Score
- Jan 6, 2026 EPSS Score
- Jan 10, 2026 EPSS Score
- Jan 14, 2026 EPSS Score
- Jan 18, 2026 EPSS Score
- Jan 22, 2026 EPSS Score
References
- https://support.apple.com/en-us/125887 advisory
- https://support.apple.com/en-us/125891 advisory
- https://support.apple.com/en-us/125884 advisory
- https://support.apple.com/en-us/125886 advisory
- https://support.apple.com/en-us/125885 advisory
- https://support.apple.com/en-us/125889 advisory
- https://support.apple.com/en-us/125890 advisory
- https://support.apple.com/en-us/125892 advisory
- https://support.apple.com/en-us/125888 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-46278 advisory