Logic Issue in macOS Tahoe Allows Bypass of Security Checks
CVE-2025-46291

5.5 MEDIUM

Key Information:

Vendor: Apple

Status
Vendor
CVE Published: 17 December 2025

What is CVE-2025-46291?

A logic issue in macOS Tahoe allowed an application to bypass Gatekeeper checks, potentially leading to unauthorized execution of malicious software. The issue is fixed in macOS Tahoe 26.2, which addresses it with improved validation.

Affected Version(s)

macOS < 26.2

References

CVSS V3.1

Score: 5.5
Severity: MEDIUM
Confidentiality: None
Integrity: High
Availability: None
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
