Memory Corruption Vulnerability in macOS by Apple
CVE-2025-43287

7.1HIGH

Key Information:

Vendor: Apple
Status: Mac OS
Vendor: CVE Published:; 15 September 2025

What is CVE-2025-43287?

A vulnerability has been identified in macOS that allows a crafted image to potentially corrupt process memory, thereby posing risks to system integrity. This issue has been addressed in macOS Tahoe 26 with enhanced memory handling techniques to mitigate the threat from maliciously crafted images.

Affected Version(s)

macOS < 26

References

https://support.apple.com/en-us/125110

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 15, 2025
Vulnerability Reserved
Apr 16, 2025