Primary

Context

Apple StorageKit Directory Path Parsing Vulnerability Allowing Access to Sensitive User Data

Vulnerability

Patched

A vulnerability exists in the StorageKit component of macOS Sequoia 15.7, macOS Sonoma 14.8, and macOS Tahoe 26. This vulnerability arises from a parsing issue in the handling of directory paths, which was addressed with improved path validation. However, the flaw may still allow an application to access sensitive user data.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive user data.

Remediation

Users can update to macOS Sequoia 15.7, macOS Sonoma 14.8, or macOS Tahoe 26 to address this vulnerability.

Added: Sep 16, 2025, 12:59 AM

Updated: Sep 16, 2025, 12:59 AM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple StorageKit Directory Path Parsing Vulnerability Allowing Access to Sensitive User Data

Vulnerability

Impact

Remediation

Affected Products

Apple macOS Sequoia

Apple macOS Sonoma

Apple macOS Tahoe

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating