CVE Catalog

CVE-2025-24268

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.02%

4th percentile — higher than 4% of all known CVEs

Summary

A parsing issue in the handling of directory paths was addressed with improved path validation. An app may be able to access sensitive user data.

Risk Assessment

The organization may be exposed to unauthorized access to user data, potentially leading to information leakage.

Recommendation

It is recommended to update the system to macOS Sequoia 15.4 to mitigate this vulnerability.

Original NVD description (English source)

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.4. An app may be able to access sensitive user data.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS