PatchSiren cyber security CVE debrief
CVE-2025-31272 Apple CVE debrief
CVE-2025-31272 is a HIGH severity vulnerability in macOS Sequoia 15.4. The issue was addressed with improved checks. An app may be able to bypass launch constraint protections and execute malicious code with elevated privileges. The CVSS score for this vulnerability is 7.8.
- Vendor
- Apple
- Product
- macOS
- CVSS
- HIGH 7.8
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-11
- Original CVE updated
- 2026-06-12
- Advisory published
- 2026-06-11
- Advisory updated
- 2026-06-12
Who should care
Users of macOS Sequoia 15.4, Security teams responsible for macOS systems, IT administrators
Technical summary
The vulnerability was addressed with improved checks in macOS Sequoia 15.4. An app may be able to bypass launch constraint protections and execute malicious code with elevated privileges.
Defensive priority
HIGH
Recommended defensive actions
- Update macOS Sequoia to version 15.4 or later
- Ensure all apps are from trusted sources and have been reviewed
- Monitor system logs for suspicious activity
Evidence notes
The CVE was published on 2026-06-11T19:16:27.567Z and modified on 2026-06-12T12:37:24.430Z. The vendor is Apple, and the product is macOS.
Official resources
-
CVE-2025-31272 CVE record
CVE.org
-
CVE-2025-31272 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Release Notes, Vendor Advisory
CVE-2025-31272 was published on 2026-06-11T19:16:27.567Z and modified on 2026-06-12T12:37:24.430Z.