CVE-2025-43294 | THREATINT

Description

An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in macOS Tahoe 26. An app may be able to access sensitive user data.

PUBLISHED Reserved 2025-04-16 | Published 2025-09-15 | Updated 2025-09-17 | Assigner apple

Problem types

An app may be able to access sensitive user data

Product status

Any version before 26

affected

References

support.apple.com/en-us/125110

cve.org (CVE-2025-43294)

nvd.nist.gov (CVE-2025-43294)

Download JSON