Primary

Context

Apple macOS Tahoe Directory Path Handling Vulnerability Allowing Access to Sensitive User Data

Vulnerability

Patched

A vulnerability has been identified in the directory path handling within the Apple macOS Tahoe operating system. This issue, present in versions prior to macOS Tahoe 26.1, involves a parsing flaw that could allow an application to access sensitive user data. The vulnerability arises from inadequate path validation, which could be exploited to manipulate directory paths and access protected information.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive user data by applications.

Remediation

Users can upgrade to macOS Tahoe 26.1 to address this vulnerability.

Added: Dec 12, 2025, 9:23 PM

Updated: Dec 12, 2025, 9:23 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

1.4

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

1.4

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple macOS Tahoe Directory Path Handling Vulnerability Allowing Access to Sensitive User Data

Vulnerability

Impact

Remediation

Affected Products

Apple macOS Tahoe

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating