CVE-2025-46282 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-46282 PUBLISHED CVSS 5.5 MEDIUM

The issue was addressed with additional permissions checks. This issue is fixed in macOS Tahoe 26.2, Safari 26.2. An app may be able to access sensitive user data.

EPSS 0.01% · 2.5th percentile

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS Score

0.01%

2.5th percentile

Affected Products

Vendor	Product	Versions
apple	macos	0
apple	safari	0
Apple	Safari	unspecified
Apple	macOS	unspecified

Timeline

Dec 15, 2025 CVE Published
Dec 17, 2025 PoC Published
Dec 18, 2025 EPSS Score
Dec 21, 2025 EPSS Score
Dec 25, 2025 EPSS Score
Dec 28, 2025 EPSS Score
Dec 31, 2025 EPSS Score
Jan 4, 2026 EPSS Score
Jan 7, 2026 EPSS Score
Jan 10, 2026 EPSS Score
Jan 14, 2026 EPSS Score
Jan 17, 2026 EPSS Score

References

https://support.apple.com/en-us/125887 advisory
https://support.apple.com/en-us/125891 advisory
https://support.apple.com/en-us/125884 advisory
https://support.apple.com/en-us/125886 advisory
https://support.apple.com/en-us/125885 advisory
https://support.apple.com/en-us/125889 advisory
https://support.apple.com/en-us/125890 advisory
https://support.apple.com/en-us/125892 advisory
https://support.apple.com/en-us/125888 advisory
https://nvd.nist.gov/vuln/detail/CVE-2025-46282 advisory

Open in Interactive Console →