CVE-2025-43524: Buffer Overflow
Published Dec 12, 2025
·Updated
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.2. An app may be able to break out of its sandbox.
Other sources
APFS. A buffer overflow was addressed with improved bounds checking.
— Apple
App Store. A permissions issue was addressed with additional restrictions.
— Apple
AppleJPEG. A memory corruption issue was addressed with improved input validation.
— Apple
AppleJPEG. The issue was addressed with improved bounds checks.
— Apple
AppleMobileFileIntegrity. A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions.
— Apple
Credit
Dave G., impost0r (ret2plt), David Ige(Beryllium Security), Arni Hardarson, Andreas Jaegersberger & Ro Achterberg(Nosebeard Labs), Alex Radocea, Kun Peeks@@SwayZGl1tZyyy, Aswin Kumar Gokula Kannan, Csaba Fitzl@@theevilbit(Iru), Suresh Sundaram, Jiri Ha, wdszzml, Atuin Automated Vulnerability Discovery Engine, Johnny Franks@@zeroxjf, Google Threat Analysis Group, Mihalis Haatainen, Ari Hawking, Ashish Kunwar, Vaagn Vardanian, Nathaniel Oh@@calysteon, Yiğit Can YILMAZ@@yilmazcanyigit, Robert Tran(STAR Labs SG Pte), popku1337(STAR Labs SG Pte), Billy Jheng Bing Jhong(STAR Labs SG Pte), Pan Zhenpeng@@Peterpan0927(STAR Labs SG Pte), Aswin kumar Gokulakannan, Calif.io in collaboration with Claude, Anthropic Research, beist, Ryan Hileman via Xint Code (xint.io), Tristan Madani@@TristanInSec(Talence Security), Chris Betz, Dhiyanesh Selvaraj@@redroot97, Atul R V, Anton Pakhunov, Ricardo Prado, Ian van der Wurff (ian.nl), Ilya Sc. Jowell A., Morris Richman@@morrisinlife, Andrei Dodu, Peter Malone, Doron Assness, Amy (amys.website), YingQi Shi@@Mas0nShi(DBAppSecurity's WeBin lab), an anonymous researcher, Wang Yu, Brendon Tiszka(Google Project Zero), Zhongcheng Li(IES Red Team), Michael DePlante@@izobashi(TrendAI Zero Day Initiative), Peter Malone(Supernetworks), Dave G.(Supernetworks), Alex Radocea(Supernetworks), Andy Koo@@andykoo(Hexens), floeki(IES Red Team of ByteDance), Zhongcheng Li(IES Red Team of ByteDance), Michael Reeves@@IntegralPilot, Mickey Jin@@patch1t, Jex Amro, Wojciech Regula(SecuRing), Riley Walz, CVE-2024-7264, CVE-2025-9086, Yiğit Ocak, Ron Elemans, Noah Gregory (wts.dev), Andrew Calvano(Meta Product Security), Lucas Pinheiro(Meta Product Security), Kirin@@Pwnrin(Fudan University), LFY@@secsys(Fudan University), Duy Trần@@khanhduytran0, Kaitao Xie(Alibaba Group), Xiaolong Bai(Alibaba Group), Kenneth Chew, CVE-2025-5918, Rosyna Keller(Totally Not Malicious Software), Haoling Zhou(SecLab of The Ohio State University), Shixuan Zhao@@NSKernel(SecLab of The Ohio State University), Chao Wang@@evi0s(SecLab of The Ohio State University), Zhiqiang Lin(SecLab of The Ohio State University), an anonymous researcher(Technische Hochschule Ingolstadt), Michael Schmutzer(Technische Hochschule Ingolstadt), @@retsew0x01, Kirin@@Pwnrin, Iván Savransky, Bing Shi(Alibaba Group), Wenchao Li(Alibaba Group), (Indiana University Bloomington), Luyi Xing(Indiana University Bloomington), Gergely Kalman@@gergely_kalman, Kay Belardinelli (Harvard University), Hossein Lotfi@@hosselot(Trend Micro Zero Day Initiative), Nan Wang@@eternalsakura13, Google Big Sleep, Phil Pizlo(Epic Games), Apple, 이동하 (Lee Dong Ha(BoB 14th)
Affected Software
6 affected componentsFixes available
Apple macOS Sonoma<14.8.7
14.8.7
Apple macOS Sequoia<15.7.7
15.7.7
Apple macOS Tahoe<26.2
26.2
Apple macOS>=14.0<14.8.7
Apple macOS>=15.0<15.7.7
Apple macOS>=26.0<26.2
Event History
Dec 12, 2025
Data Sourced
via Apple·12:00 AM
DescriptionWeaknessAffected Software
Updated
via Apple·12:00 AM
DescriptionWeakness
May 11, 2026
Updated
via Apple·12:00 AM
DescriptionWeaknessAffected Software
May 12, 2026
CVE Published
via MITRE·05:35 PM
Data Sourced
via MITRE·05:35 PM
DescriptionWeakness
Data Sourced
via NVD·06:16 PM
DescriptionSeverityWeaknessAffected Software
Parent advisories
This vulnerability appears in the following advisories.
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2026-28959
- CVE-2026-28956
- CVE-2026-39869
- CVE-2026-28922
- CVE-2026-28936
- CVE-2026-28915
- CVE-2026-43659
- CVE-2026-28923
- CVE-2026-28925
- CVE-2025-43524
- CVE-2026-28977
- CVE-2026-28990
- CVE-2026-28978
- CVE-2026-28992
- CVE-2026-28943
- CVE-2026-28969
- CVE-2026-43654
- CVE-2026-28954
- CVE-2026-28897
- CVE-2026-28952
- CVE-2026-28908
- CVE-2026-28951
- CVE-2026-28972
- CVE-2026-28986
- CVE-2026-28987
- CVE-2026-28929
- CVE-2026-43653
- CVE-2026-43668
- CVE-2026-43666
- CVE-2026-28906
- CVE-2026-28840
- CVE-2026-43656
- CVE-2026-39870
- CVE-2026-28846
- CVE-2026-28993
- CVE-2026-28996
- CVE-2026-28919
- CVE-2026-28924
- CVE-2026-39871
- CVE-2026-28819
- CVE-2026-28994
- CVE-2026-28920
- CVE-2026-28878
- CVE-2026-28940
- CVE-2026-28941
- CVE-2026-28848
- CVE-2026-28974
- CVE-2025-46288
- CVE-2025-43539
- CVE-2025-43523
- CVE-2025-43519
- CVE-2025-43522
- CVE-2025-43521
- CVE-2025-46289
- CVE-2025-46297
- CVE-2025-43482
- CVE-2025-43517
- CVE-2025-46287
- CVE-2025-46283
- CVE-2024-7264
- CVE-2025-9086
- CVE-2025-43542
- CVE-2025-46281
- CVE-2025-43417
- CVE-2025-43518
- CVE-2025-43532
- CVE-2025-46278
- CVE-2025-46279
- CVE-2025-43512
- CVE-2025-46285
- CVE-2025-46291
- CVE-2025-5918
- CVE-2025-43513
- CVE-2025-46276
- CVE-2025-43533
- CVE-2025-46300
- CVE-2025-46301
- CVE-2025-46302
- CVE-2025-46303
- CVE-2025-46304
- CVE-2025-46305
- CVE-2025-43509
- CVE-2025-43410
- CVE-2025-43428
- CVE-2025-43526
- CVE-2024-8906
- CVE-2025-46277
- CVE-2025-43538
- CVE-2025-46290
- CVE-2025-43514
- CVE-2025-43527
- CVE-2025-43416
- CVE-2025-43516
- CVE-2025-43530
- CVE-2025-46282
- CVE-2025-43541
- CVE-2025-43536
- CVE-2025-43535
- CVE-2025-46298
- CVE-2025-43501
- CVE-2025-43531
- CVE-2025-14174
- CVE-2025-43529
- CVE-2025-46299
- CVE-2025-43511