Primary

Context

Apple Core Services Logic Issue Allowing Access to Sensitive User Data

Vulnerability

Patched

A logic vulnerability in the Core Services component of macOS Tahoe, prior to 26.2, allows applications to access sensitive user data. This issue was addressed with improved validation. The vulnerability could potentially be exploited by apps to access protected information without proper authorization.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive user data by applications.

Remediation

Users can update to macOS Tahoe 26.2 to address this vulnerability.

Added: Dec 17, 2025, 9:26 PM

Updated: Dec 17, 2025, 9:26 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

1.5

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

1.5

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple Core Services Logic Issue Allowing Access to Sensitive User Data

Vulnerability

Impact

Remediation

Affected Products

Apple macOS Tahoe

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating