CVE-2025-43263

⚠️ high

The issue was addressed with improved checks. This issue is fixed in Xcode 26. An app may be able to read and write files outside of its sandbox.

CVSS Score

7.1

High

EPSS Score

0.0

Exploit Probability

Published Date

2025-09-15

First Seen: 2026-01-05

This CVE is Moderate Risk - more severe than 53.9% of all 317,883 vulnerabilities in our database.

#146,466

Above average severity

Severity Percentile

🔍 Exploitation Status

None

No known exploits

⚙️ Automatable

Requires human interaction

💥 Technical Impact

Total

Complete system compromise possible

SSVC data provided by CISA

Last Modified 2025-11-03

Source NVD 🔗

CVSS Vector 3.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

CWE IDs (Weakness Types)

CWE-284

📦 Affected Products 1

Vendor	Product	Status	Affected Versions
apple	xcode	Affected	< 26.0

Release Notes Vendor Advisory

CVE ID	Severity	CVSS	EPSS	Summary	Published
CVE-2025-31186	ℹ️ low	3.3	0.0	A permissions issue was addressed with additional restrictions. This issue is fixed in Xcode 16.3. An app may be able to...	2026-01-16
CVE-2025-43504	🔶 medium	4.9	0.1	A buffer overflow was addressed with improved bounds checking. This issue is fixed in Xcode 26.1. A user in a privileged...	2025-11-04
CVE-2025-43505	⚠️ high	8.8	0.1	An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Xcode 26.1. Processing...	2025-11-04
CVE-2025-43370	🔶 medium	4.0	0.0	A path handling issue was addressed with improved validation. This issue is fixed in Xcode 26. Processing an overly larg...	2025-09-15
CVE-2025-43371	⚠️ high	8.2	0.0	This issue was addressed with improved checks. This issue is fixed in Xcode 26. An app may be able to break out of its s...	2025-09-15
CVE-2025-43375	🔶 medium	5.5	0.1	The issue was addressed with improved checks. This issue is fixed in Xcode 26. Processing an overly large path value may...	2025-09-15

These CVEs affect the same products