PatchSiren cyber security CVE debrief
CVE-2025-46293 Apple CVE debrief
CVE-2025-46293 is a medium-severity vulnerability in Apple macOS, addressed in macOS Sequoia 15.4. The issue was related to improved handling of symlinks. An app may be able to access protected user data. The CVSS score for this vulnerability is 5.5.
- Vendor
- Apple
- Product
- macOS
- CVSS
- MEDIUM 5.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-11
- Original CVE updated
- 2026-06-12
- Advisory published
- 2026-06-11
- Advisory updated
- 2026-06-12
Who should care
Users of Apple macOS, particularly those who have not updated to macOS Sequoia 15.4, should be aware of this vulnerability and take steps to mitigate it.
Technical summary
The vulnerability, CVE-2025-46293, was addressed with improved handling of symlinks in macOS Sequoia 15.4. This issue could allow an app to access protected user data. The Common Vulnerability Scoring System (CVSS) score for this vulnerability is 5.5, indicating a medium severity level.
Defensive priority
Medium
Recommended defensive actions
- Update to macOS Sequoia 15.4 or later.
Evidence notes
The CVE-2025-46293 vulnerability was addressed in macOS Sequoia 15.4. For more information, refer to [ref-4](https://support.apple.com/en-us/122373).
Official resources
-
CVE-2025-46293 CVE record
CVE.org
-
CVE-2025-46293 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Release Notes, Vendor Advisory
CVE-2025-46293 was published on [cvePublishedAt](https://www.cve.org/CVERecord?id=CVE-2025-46293) and modified on [cveModifiedAt](https://nvd.nist.gov/vuln/detail/CVE-2025-46293).