Out-of-Bounds Write Vulnerability in Xcode by Apple
CVE-2025-43505

8.8HIGH

Key Information:

Vendor

Apple
Status
Xcode
Vendor
CVE Published:
4 November 2025

What is CVE-2025-43505?

An out-of-bounds write vulnerability in Apple's Xcode allows for heap corruption when processing maliciously crafted files. Improved input validation was implemented to mitigate this risk. Users are encouraged to update to the latest version, Xcode 26.1, to ensure their systems remain secure.

Affected Version(s)

Xcode < 26.1

References

https://support.apple.com/en-us/125641

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.