Primary

Context

Apple macOS Sequoia Injection Vulnerability Allowing Access to Sensitive User Data

Vulnerability

Patched

A vulnerability exists in the handling of environment variables within the Core Services framework of macOS Sequoia. This injection issue, which could allow an application to access sensitive user data, has been addressed in the latest update by implementing improved validation. The vulnerability was reported by Mickey Jin.

Impact

Exploitation of this vulnerability could lead to unauthorized access to protected user data.

Remediation

Users can update to macOS Sequoia 15.6 to address this vulnerability.

Added: Jul 30, 2025, 12:28 AM

Updated: Jul 30, 2025, 12:28 AM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple macOS Sequoia Injection Vulnerability Allowing Access to Sensitive User Data

Vulnerability

Impact

Remediation

Affected Products

Apple macOS Sequoia

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating