CVE-2025-46297

🔶 medium

Summary

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.2. An app may be able to access protected files within an App Sandbox container.

CVSS Score

5.5

Medium

EPSS Score

0.0

Exploit Probability

Published Date

2026-01-09

First Seen: 2026-01-17

Last Modified 2026-01-14

Source NVD 🔗

CVSS Vector 3.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE IDs (Weakness Types)

CWE-284

🔗 References 1

https://support.apple.com/en-us/125886

Release Notes Vendor Advisory

📦 Affected Products 1

Vendor	Product	Status	Affected Versions
apple	macos	Affected	< 26.2

🔗 Related CVEs 6

CVE ID	Severity	CVSS	EPSS	Summary	Published
CVE-2025-46306	🔶 medium	5.5	0.0	The issue was addressed with improved bounds checks. This issue is fixed in macOS Tahoe 26, Keynote 15.1, iOS 26 and iPa...	2026-01-28
CVE-2025-46316	🔶 medium	4.3	0.0	An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 26.1 and iPadOS 26.1, Pag...	2026-01-28
CVE-2024-44210	ℹ️ low	3.3	0.0	This issue was addressed with improved permissions checking. This issue is fixed in macOS Sequoia 15.1. An app may be ab...	2026-01-16
CVE-2025-43508	🔶 medium	5.5	0.0	A logging issue was addressed with improved data redaction. This issue is fixed in macOS Tahoe 26.1. An app may be able ...	2026-01-16
CVE-2025-46298	🔶 medium	6.5	0.0	The issue was addressed with improved memory handling. This issue is fixed in tvOS 26.2, Safari 26.2, watchOS 26.2, visi...	2026-01-09
CVE-2025-46299	🔶 medium	4.3	0.1	A memory initialization issue was addressed with improved memory handling. This issue is fixed in tvOS 26.2, Safari 26.2...	2026-01-09

These CVEs affect the same products