VDB
CVE-2025-46282
CVE-2025-46282
PUBLISHED
CVSS 5.5 MEDIUM
The issue was addressed with additional permissions checks. This issue is fixed in macOS Tahoe 26.2, Safari 26.2. An app may be able to access sensitive user data.
EPSS 0.01% · 1.4th percentile
Risk Scores
CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score
0.01%
1.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| apple | macos | 0 |
| apple | safari | 0 |
| Apple | Safari | * |
| Apple | macOS | unspecified |
Exploit Intelligence
- CIRCL seen: CVE-2025-46282 (circl-sighting)
- https://support.apple.com/en-us/125892 (circl)
- https://support.apple.com/en-us/125886 (circl)
- macos_v1_generated.go (github-poc)
- macos_v1_generated.go (github-poc)
- macos_v2_generated.go (github-poc)
- macos_v2_generated.go (github-poc)
- macos_v2_generated.go (github-poc)
- macos_v2_generated.go (github-poc)
- macos_v1_generated.go (github-poc)
…and 8 more exploits
Timeline
- Dec 15, 2025 CVE Published
- Dec 17, 2025 PoC Published
- Dec 18, 2025 EPSS Score
- Dec 22, 2025 EPSS Score
- Dec 26, 2025 EPSS Score
- Dec 30, 2025 EPSS Score
- Jan 3, 2026 EPSS Score
- Jan 6, 2026 EPSS Score
- Jan 10, 2026 EPSS Score
- Jan 14, 2026 EPSS Score
- Jan 18, 2026 EPSS Score
- Jan 22, 2026 EPSS Score
References
- https://support.apple.com/en-us/125887 advisory
- https://support.apple.com/en-us/125891 advisory
- https://support.apple.com/en-us/125884 advisory
- https://support.apple.com/en-us/125886 advisory
- https://support.apple.com/en-us/125885 advisory
- https://support.apple.com/en-us/125889 advisory
- https://support.apple.com/en-us/125890 advisory
- https://support.apple.com/en-us/125892 advisory
- https://support.apple.com/en-us/125888 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-46282 advisory