This document describes the security content of macOS Tahoe 26.2.
For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security releases page.
Apple security documents reference vulnerabilities by CVE-ID when possible.
For more information about security, see the Apple Product Security page.
Released December 12, 2025
Available for: macOS Tahoe
Impact: An app may be able to access sensitive payment tokens
Description: A permissions issue was addressed with additional restrictions.
CVE-2025-46288: floeki, Zhongcheng Li from IES Red Team of ByteDance
Available for: macOS Tahoe
Impact: Processing a file may lead to memory corruption
Description: The issue was addressed with improved bounds checks.
CVE-2025-43539: Michael Reeves (@IntegralPilot)
Available for: macOS Tahoe
Impact: An app may be able to access sensitive user data
Description: A permissions issue was addressed with additional restrictions.
CVE-2025-43523: an anonymous researcher
CVE-2025-43519: an anonymous researcher
Available for: macOS Tahoe
Impact: An app may be able to access user-sensitive data
Description: A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions.
CVE-2025-43522: an anonymous researcher
Available for: macOS Tahoe
Impact: An app may be able to access sensitive user data
Description: A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions.
CVE-2025-43521: an anonymous researcher
Available for: macOS Tahoe
Impact: An app may be able to access protected user data
Description: A logic issue was addressed with improved file handling.
CVE-2025-46289: an anonymous researcher
Available for: macOS Tahoe
Impact: An app may be able to cause a denial-of-service
Description: The issue was addressed with improved input validation.
CVE-2025-43482: Jex Amro, Michael Reeves (@IntegralPilot)
Available for: macOS Tahoe
Impact: An app may be able to access protected user data
Description: A privacy issue was addressed with improved private data redaction for log entries.
CVE-2025-43517: Wojciech Regula of SecuRing (wojciechregula.blog)
Available for: macOS Tahoe
Impact: An attacker may be able to spoof their FaceTime caller ID
Description: An inconsistent user interface issue was addressed with improved state management.
CVE-2025-46287: an anonymous researcher, Riley Walz
Available for: macOS Tahoe
Impact: An app may be able to access sensitive user data
Description: A logic issue was addressed with improved validation.
CVE-2025-46283: an anonymous researcher
Available for: macOS Tahoe
Impact: Multiple issues in curl
Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.
CVE-2024-7264
CVE-2025-9086
Available for: macOS Tahoe
Impact: Password fields may be unintentionally revealed when remotely controlling a device over FaceTime
Description: This issue was addressed with improved state management.
CVE-2025-43542: Yiğit Ocak
Available for: macOS Tahoe
Impact: An app may be able to break out of its sandbox
Description: A logic issue was addressed with improved checks.
CVE-2025-46281: an anonymous researcher
Available for: macOS Tahoe
Impact: An app may be able to inappropriately access files through the spellcheck API
Description: A logic issue was addressed with improved checks.
CVE-2025-43518: Noah Gregory (wts.dev)
Available for: macOS Tahoe
Impact: Processing malicious data may lead to unexpected app termination
Description: A memory corruption issue was addressed with improved bounds checking.
CVE-2025-43532: Andrew Calvano and Lucas Pinheiro of Meta Product Security
Available for: macOS Tahoe
Impact: An app may be able to access protected user data
Description: The issue was addressed with improved handling of caches.
CVE-2025-46278: Kirin (@Pwnrin) and LFY (@secsys) of Fudan University
Available for: macOS Tahoe
Impact: An app may be able to identify what other apps a user has installed
Description: A permissions issue was addressed with additional restrictions.
CVE-2025-46279: Duy Trần (@khanhduytran0)
Available for: macOS Tahoe
Impact: An app may be able to elevate privileges
Description: A logic issue was addressed with improved checks.
CVE-2025-43512: Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs
Available for: macOS Tahoe
Impact: An app may be able to gain root privileges
Description: An integer overflow was addressed by adopting 64-bit timestamps.
CVE-2025-46285: Kaitao Xie and Xiaolong Bai of Alibaba Group
Available for: macOS Tahoe
Impact: An app may bypass Gatekeeper checks
Description: A logic issue was addressed with improved validation.
CVE-2025-46291: Kenneth Chew
Available for: macOS Tahoe
Impact: Processing a file may lead to memory corruption
Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.
CVE-2025-5918
Available for: macOS Tahoe
Impact: An app may be able to read sensitive location information
Description: A permissions issue was addressed by removing the vulnerable code.
CVE-2025-43513: Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs
Available for: macOS Tahoe
Impact: An app may be able to access sensitive user data
Description: An information disclosure issue was addressed with improved privacy controls.
CVE-2025-46276: Rosyna Keller of Totally Not Malicious Software
Available for: macOS Tahoe
Impact: A malicious HID device may cause an unexpected process crash
Description: Multiple memory corruption issues were addressed with improved input validation.
CVE-2025-43533: Google Threat Analysis Group
Available for: macOS Tahoe
Impact: An app may be able to access sensitive user data
Description: This issue was addressed with improved data protection.
CVE-2025-43509: Haoling Zhou, Shixuan Zhao (@NSKernel), Chao Wang (@evi0s), Zhiqiang Lin from SecLab of The Ohio State University
Available for: macOS Tahoe
Impact: An attacker with physical access may be able to view deleted notes
Description: The issue was addressed with improved handling of caches.
CVE-2025-43410: Atul R V
Available for: macOS Tahoe
Impact: Photos in the Hidden Photos Album may be viewed without authentication
Description: A configuration issue was addressed with additional restrictions.
CVE-2025-43428: an anonymous researcher, Michael Schmutzer of Technische Hochschule Ingolstadt
Available for: macOS Tahoe
Impact: On a Mac with Lockdown Mode enabled, web content opened via a file URL may be able to use Web APIs that should be restricted
Description: This issue was addressed with improved URL validation.
CVE-2025-43526: Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs
Available for: macOS Tahoe
Impact: A download's origin may be incorrectly associated
Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.
CVE-2024-8906: @retsew0x01
Available for: macOS Tahoe
Impact: An app may be able to access a user’s Safari history
Description: A logging issue was addressed with improved data redaction.
CVE-2025-46277: Kirin (@Pwnrin)
Available for: macOS Tahoe
Impact: An app may be able to access sensitive user data
Description: A logging issue was addressed with improved data redaction.
CVE-2025-43538: Iván Savransky
Available for: macOS Tahoe
Impact: An app may be able to access protected user data
Description: The issue was addressed with improved handling of caches.
CVE-2025-43514: Morris Richman (@morrisinlife)
Available for: macOS Tahoe
Impact: An app may be able to access sensitive user data
Description: A permissions issue was addressed with additional restrictions.
CVE-2025-43519: an anonymous researcher
Available for: macOS Tahoe
Impact: An app may be able to gain root privileges
Description: A permissions issue was addressed with additional restrictions.
CVE-2025-43527: an anonymous researcher
Available for: macOS Tahoe
Impact: An app may be able to access protected user data
Description: A logic issue was addressed with improved restrictions.
CVE-2025-43416: Gergely Kalman (@gergely_kalman)
Available for: macOS Tahoe
Impact: A user with Voice Control enabled may be able to transcribe another user's activity
Description: A session management issue was addressed with improved checks.
CVE-2025-43516: Kay Belardinelli (Harvard University)
Available for: macOS Tahoe
Impact: An app may be able to access sensitive user data
Description: This issue was addressed with improved checks.
CVE-2025-43530: Mickey Jin (@patch1t)
Available for: macOS Tahoe
Impact: An app may be able to access sensitive user data
Description: The issue was addressed with additional permissions checks.
WebKit Bugzilla: 295941
CVE-2025-46282: Wojciech Regula of SecuRing (wojciechregula.blog)
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash
Description: A type confusion issue was addressed with improved state handling.
WebKit Bugzilla: 301257
CVE-2025-43541: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an unexpected process crash
Description: A use-after-free issue was addressed with improved memory management.
WebKit Bugzilla: 301726
CVE-2025-43536: Nan Wang (@eternalsakura13)
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an unexpected process crash
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 300774
CVE-2025-43535: Google Big Sleep, Nan Wang (@eternalsakura13)
Entry updated December 17, 2025
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an unexpected process crash
Description: A buffer overflow issue was addressed with improved memory handling.
WebKit Bugzilla: 301371
CVE-2025-43501: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an unexpected process crash
Description: A race condition was addressed with improved state handling.
WebKit Bugzilla: 301940
CVE-2025-43531: Phil Pizlo of Epic Games
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 was also issued in response to this report.
Description: A use-after-free issue was addressed with improved memory management.
WebKit Bugzilla: 302502
CVE-2025-43529: Google Threat Analysis Group
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-43529 was also issued in response to this report.
Description: A memory corruption issue was addressed with improved validation.
WebKit Bugzilla: 303614
CVE-2025-14174: Apple and Google Threat Analysis Group
Available for: macOS Tahoe
Impact: Processing maliciously crafted web content may lead to an unexpected process crash
Description: A use-after-free issue was addressed with improved memory management.
WebKit Bugzilla: 300926
CVE-2025-43511: 이동하 (Lee Dong Ha of BoB 14th)
We would like to acknowledge an anonymous researcher for their assistance.
We would like to acknowledge Mickey Jin (@patch1t) for their assistance.
We would like to acknowledge an anonymous researcher for their assistance.
We would like to acknowledge Golden Helm Securities for their assistance.
We would like to acknowledge Nathaniel Oh (@calysteon) and Joel Peterson (@sekkyo) for their assistance.
We would like to acknowledge Mochammad Nosa Shandy Prastyo for their assistance.
We would like to acknowledge Arnaud Abbati for their assistance.
We would like to acknowledge PixiePoint Security for their assistance.
We would like to acknowledge Geva Nurgandi Syahputra (gevakun) for their assistance.