Primary

Context

Apple macOS Tahoe Symlink Validation Vulnerability Allowing Access to Protected User Data

Vulnerability

Patched

A vulnerability exists in the Apple macOS Tahoe version 26.1, where improper validation of symbolic links may allow an application to access protected user data. This issue has been addressed in the same release by enhancing the validation process for symlinks.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive user data by applications.

Added: Dec 12, 2025, 9:24 PM

Updated: Dec 12, 2025, 9:24 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

1.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

1.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple macOS Tahoe Symlink Validation Vulnerability Allowing Access to Protected User Data

Vulnerability

Impact

Affected Products

Apple macOS Tahoe

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating