PatchSiren cyber security CVE debrief
CVE-2025-30459 Apple CVE debrief
CVE-2025-30459 is a medium-severity privacy issue in Apple macOS Sequoia 15.4. The vulnerability allowed an app to potentially access sensitive user data due to the presence of vulnerable code, which has since been removed. This issue was publicly disclosed on [cvePublishedAt] and last modified on [cveModifiedAt].
- Vendor
- Apple
- Product
- macOS
- CVSS
- MEDIUM 5.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-11
- Original CVE updated
- 2026-06-12
- Advisory published
- 2026-06-11
- Advisory updated
- 2026-06-12
Who should care
Users of Apple macOS Sequoia 15.4 and security teams responsible for patching and vulnerability management.
Technical summary
A privacy issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.4. An app may be able to access sensitive user data. The vulnerability is classified under CWE-359.
Defensive priority
The CVSS score for this vulnerability is 5.5, indicating a medium level of severity. The vulnerability requires local access and a low attack complexity.
Recommended defensive actions
- Apply the patch: Update to macOS Sequoia 15.4 to address the vulnerability. Refer to [ref-4] for more information.
Evidence notes
The CVE record [cve-org] and NVD detail [nvd] provide additional information on this vulnerability.
Official resources
-
CVE-2025-30459 CVE record
CVE.org
-
CVE-2025-30459 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Release Notes, Vendor Advisory
CVE-2025-30459 was publicly disclosed on 2026-06-11T19:16:27.463Z and last modified on 2026-06-12T12:37:40.727Z.