Symlink Vulnerability in macOS Products by Apple
CVE-2025-43446

Currently unrated

Key Information:

Vendor: Apple
Status: Mac OS
Vendor: CVE Published:; 4 November 2025

What is CVE-2025-43446?

A symlink vulnerability exists in macOS, enabling applications to potentially modify protected areas of the file system. This security issue could allow unauthorized changes to critical system files, undermining system integrity. The problem has been resolved with improved symlink validation in the latest updates for macOS Sonoma and Sequoia. Users are advised to update their systems to ensure enhanced protection.

Affected Version(s)

macOS < 14.8

macOS < 15.7

References

https://support.apple.com/en-us/125636

https://support.apple.com/en-us/125635

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 4, 2025
Vulnerability Reserved
Apr 16, 2025

JSON