Apple Compressor Arbitrary Code Execution Vulnerability

Vulnerability

A vulnerability in Apple Compressor versions prior to 4.11.1 allows an unauthenticated user on the same network as a Compressor server to execute arbitrary code. This issue arises because the application previously accepted external connections by default.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of arbitrary code on the Compressor server.

Remediation

Users can upgrade to Apple Compressor 4.11.1 to address this vulnerability. This version is available for macOS Sequoia 15.6 and later.
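A local check for the remediation above, as an added example that is not part of the original advisory: it compares a Mac's installed Compressor version and macOS version against the 4.11.1 and 15.6 thresholds stated here. The /Applications/Compressor.app install path and the status labels are assumptions.

```shell
#!/bin/sh
# Added example (not from the advisory): triage one Mac for the Compressor fix.
FIXED_APP="4.11.1"   # fixed Compressor version, from the advisory
MIN_OS="15.6"        # minimum macOS for the fixed version, from the advisory
APP_PLIST="/Applications/Compressor.app/Contents/Info"   # assumed install path

# ver_lt A B: succeed when dotted numeric version A is strictly lower than B.
ver_lt() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
        x=${x:-0}; y=${y:-0}          # missing components count as 0
        if [ "$x" -lt "$y" ]; then return 0; fi
        if [ "$x" -gt "$y" ]; then return 1; fi
    done
    return 1                          # equal versions
}

# classify APP_VERSION OS_VERSION: print one (hypothetical) status label.
classify() {
    app=$1; os=$2
    if [ -z "$app" ]; then echo "not-installed"; return 0; fi
    case "$app" in *[!0-9.]*) echo "unknown"; return 0 ;; esac
    if ! ver_lt "$app" "$FIXED_APP"; then echo "patched"; return 0; fi
    # Below the fixed version: can this host install 4.11.1 at all?
    case "$os" in ''|*[!0-9.]*) echo "unknown"; return 0 ;; esac
    if ver_lt "$os" "$MIN_OS"; then
        echo "os-upgrade-required"    # fix needs macOS 15.6 or later
    else
        echo "update-available"
    fi
}

# Run the local check only where the macOS tools exist.
if command -v defaults >/dev/null 2>&1 && command -v sw_vers >/dev/null 2>&1; then
    app_ver=$(defaults read "$APP_PLIST" CFBundleShortVersionString 2>/dev/null || true)
    os_ver=$(sw_vers -productVersion)
    echo "Compressor ${app_ver:-absent} on macOS $os_ver: $(classify "$app_ver" "$os_ver")"
fi
```

Hosts reported as os-upgrade-required cannot install the fixed version until macOS itself is updated, so they need separate tracking from hosts that only need the app update.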

Added: Nov 13, 2025, 7:23 PM
Updated: Nov 13, 2025, 8:27 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 4.9
remediation: 7.7
relevance: 1.1
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.