PatchSiren cyber security CVE debrief
CVE-2025-46315 Apple CVE debrief
CVE-2025-46315 is a HIGH-severity vulnerability (CVSS Score: 7.5) affecting macOS, which was publicly disclosed on 2026-06-11. The issue involves a permissions problem that was resolved with additional restrictions in macOS Tahoe 26.1. Successful exploitation could allow an app to access protected user data. Apple has provided a vendor advisory [ref-4] detailing the fix.
- Vendor
- Apple
- Product
- macOS
- CVSS
- HIGH 7.5
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-11
- Original CVE updated
- 2026-06-12
- Advisory published
- 2026-06-11
- Advisory updated
- 2026-06-12
Who should care
Users of macOS, particularly those using versions prior to macOS Tahoe 26.1, should apply the update as it addresses a significant privacy concern.
Technical summary
The vulnerability, tracked as CVE-2025-46315, relates to a permissions issue that was fixed in macOS Tahoe 26.1. According to the CVE record [cve-org] and NVD details [nvd], an application may be able to access protected user data due to this issue. The Common Vulnerability Scoring System (CVSS) score is 7.5, indicating a HIGH severity level.
Defensive priority
HIGH
Recommended defensive actions
- Apply the macOS update to version 26.1 or later.
- Ensure all applications are updated and from trusted sources.
Evidence notes
The CVE was published on 2026-06-11 and last modified on 2026-06-12. The vulnerability affects macOS versions prior to 26.1.
Official resources
-
CVE-2025-46315 CVE record
CVE.org
-
CVE-2025-46315 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Release Notes, Vendor Advisory
Publicly disclosed on 2026-06-11.