Apple 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
公開された問題は vendor risk memory corruption、パス処理の欠陥, and vendor risk input validation に関連することが多く、vendor surface server deployment and vendor surface system components の文脈で vendor impact unexpected behavior and vendor impact session compromise などの暴露リスクを伴う場合があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2025-46307 | A logic issue was addressed with improved restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access sensitive user data. | [email protected] | 5.5 | 0.01% | 2026-05-26 | 2026-05-27 |
| CVE-2025-46284 | A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia 15.7, macOS Tahoe 26. An app may be able to gain root privileges. | [email protected] | 7.0 | 0.01% | 2026-05-26 | 2026-05-27 |
| CVE-2025-46280 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Tahoe 26. An app may be able to cause unexpected system termination. | [email protected] | 5.5 | 0.01% | 2026-05-26 | 2026-05-27 |
| CVE-2025-43451 | A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Tahoe 26. An app may be able to access sensitive user data. | [email protected] | 5.5 | 0.00% | 2026-05-26 | 2026-05-27 |
| CVE-2025-43306 | A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. A malicious app may be able to gain root privileges. | [email protected] | 7.8 | 0.01% | 2026-05-26 | 2026-05-27 |
| CVE-2025-43290 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to modify protected parts of the file system. | [email protected] | 5.5 | 0.00% | 2026-05-26 | 2026-05-27 |
| CVE-2025-43289 | A logic issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. A malicious app may be able to access sensitive user data. | [email protected] | 5.5 | 0.01% | 2026-05-26 | 2026-05-27 |
| CVE-2025-46311 | An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2. An app may be able to access sensitive user data. | [email protected] | 7.5 | 0.03% | 2026-05-12 | 2026-05-12 |
| CVE-2025-43524 | An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.2. An app may be able to break out of its sandbox. | [email protected] | 8.8 | 0.01% | 2026-05-12 | 2026-05-13 |
| CVE-2026-43668 | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory. | [email protected] | 7.5 | 0.16% | 2026-05-11 | 2026-05-13 |
| CVE-2026-43666 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An attacker on the local network may be able to cause a denial-of-service. | [email protected] | 6.2 | 0.02% | 2026-05-11 | 2026-05-13 |
| CVE-2026-43661 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. Processing a maliciously crafted image may corrupt process memory. | [email protected] | 7.5 | 0.06% | 2026-05-11 | 2026-05-12 |
| CVE-2026-43660 | A validation issue was addressed with improved logic. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. | [email protected] | 7.5 | 0.09% | 2026-05-11 | 2026-05-13 |
| CVE-2026-43659 | A race condition was addressed with additional validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, visionOS 26.5. An app may be able to access sensitive user data. | [email protected] | 4.7 | 0.02% | 2026-05-11 | 2026-05-12 |
| CVE-2026-43658 | The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected Safari crash. | [email protected] | 7.5 | 0.02% | 2026-05-11 | 2026-05-13 |
| CVE-2026-43656 | An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. Parsing a maliciously crafted file may lead to an unexpected app termination. | [email protected] | 7.3 | 0.05% | 2026-05-11 | 2026-05-13 |
| CVE-2026-43655 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to cause unexpected system termination or read kernel memory. | [email protected] | 7.3 | 0.05% | 2026-05-11 | 2026-05-13 |
| CVE-2026-43654 | The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to disclose kernel memory. | [email protected] | 7.5 | 0.02% | 2026-05-11 | 2026-05-14 |
| CVE-2026-43653 | The issue was addressed with improved memory handling. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5. An attacker on the local network may be able to cause a denial-of-service. | [email protected] | 6.2 | 0.02% | 2026-05-11 | 2026-05-13 |
| CVE-2026-43652 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.5. An app may be able to access protected user data. | [email protected] | 7.5 | 0.01% | 2026-05-11 | 2026-05-14 |