CVE-2025-31186

ℹ️ low

A permissions issue was addressed with additional restrictions. This issue is fixed in Xcode 16.3. An app may be able to bypass Privacy preferences.

CVSS Score

3.3

Low

EPSS Score

0.0

Exploit Probability

Published Date

2026-01-16

First Seen: 2026-01-17

This CVE is Lower Risk - more severe than 2.8% of all 317,883 vulnerabilities in our database.

#309,124

Below average severity

Severity Percentile

🔍 Exploitation Status

None

No known exploits

⚙️ Automatable

Requires human interaction

💥 Technical Impact

Partial

Limited system impact

SSVC data provided by CISA

Last Modified 2026-01-27

Source NVD 🔗

CVSS Vector 3.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

CWE IDs (Weakness Types)

CWE-284

📦 Affected Products 1

Vendor	Product	Status	Affected Versions
apple	xcode	Affected	< 16.3

Vendor Advisory

CVE ID	Severity	CVSS	EPSS	Summary	Published
CVE-2025-43504	🔶 medium	4.9	0.1	A buffer overflow was addressed with improved bounds checking. This issue is fixed in Xcode 26.1. A user in a privileged...	2025-11-04
CVE-2025-43505	⚠️ high	8.8	0.1	An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Xcode 26.1. Processing...	2025-11-04
CVE-2025-43263	⚠️ high	7.1	0.0	The issue was addressed with improved checks. This issue is fixed in Xcode 26. An app may be able to read and write file...	2025-09-15
CVE-2025-43370	🔶 medium	4.0	0.0	A path handling issue was addressed with improved validation. This issue is fixed in Xcode 26. Processing an overly larg...	2025-09-15
CVE-2025-43371	⚠️ high	8.2	0.0	This issue was addressed with improved checks. This issue is fixed in Xcode 26. An app may be able to break out of its s...	2025-09-15
CVE-2025-43375	🔶 medium	5.5	0.1	The issue was addressed with improved checks. This issue is fixed in Xcode 26. Processing an overly large path value may...	2025-09-15

These CVEs affect the same products