Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Versions of Apple macOS Sequoia 15.1 had a security vulnerability due to permission issues, which could allow malicious applications with root access to access private information...

EUVD-2021-13969

Malware in sbrugna...

EUVD-2018-18569

Malware in sbrugna...

EUVD-2023-44891

Malicious code in bioql PyPI...

EUVD-2023-44899

Malicious code in bioql PyPI...

EUVD-2025-21788

Malicious code in bioql PyPI...

CVE-2025-54871 Electron Capture is Vulnerable to TCC Bypass via Misconfigured Node Fuses (macOS)

Electron Capture facilitates video playback for screen-sharing and capture. In versions 2.19.1 and below, the elecap app on macOS allows local unprivileged users to bypass macOS TCC privacy protections by enabling ELECTRONRUNASNODE. This environment variable allows arbitrary Node.js code to be...

CVE-2025-43254

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. Processing a maliciously crafted file may lead to unexpected app termination...

PT-2025-31334 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.6 macOS versions prior to 14.7.7 macOS versions prior to 13.7.7 Description: A permissions issue was addressed with additional restrictions. An app may be able to break out of its sandbox. Recommendations: Update to...

CVE-2025-5255

The Phoenix Code's configuration on macOS, specifically the presence of entitlements: "com.apple.security.cs.allow-dyld-environment-variables" and "com.apple.security.cs.disable-library-validation" allows for Dynamic Library Dylib injection. A local attacker with unprivileged access can use...

CVE-2025-5963 TCC Bypass via Dylib Injection in Postbox

The Postbox's configuration on macOS, specifically the presence of entitlements: "com.apple.security.cs.allow-dyld-environment-variables" and "com.apple.security.cs.disable-library-validation" allows for Dynamic Library Dylib injection. A local attacker with unprivileged access can use environmen...

CVE-2025-4412

On macOS systems, by utilizing a Launch Agent and loading the viscosityopenvpn process from the application bundle, it is possible to load a dynamic library with Viscosity's TCC Transparency, Consent, and Control identity. The acquired resource access is limited without entitlements such as acces...

CVE-2024-23460

The Zscaler Updater process does not validate the digital signature of the installer before execution, allowing arbitrary code to be locally executed. This affects Zscaler Client Connector on MacOS 4.2...

CVE-2024-23746

Miro Desktop 0.8.18 on macOS allows local Electron code injection via a complex series of steps that might be usable in some environments bypass a kTCCServiceSystemPolicyAppBundles requirement via a file copy, an app.app/Contents rename, an asar modification, and a rename back to app.app/Contents...

CVE-2024-51481

Nix is a package manager for Linux and other Unix systems. On macOS, built-in builders such as builtin:fetchurl, exposed to users with import were not executed in the macOS sandbox. Thus, these builders which are running under the nixbld users had read access to world-readable paths and write...

CVE-2023-44077

Studio Network Solutions ShareBrowser before 7.0 on macOS mishandles signature verification, aka PMP-2636...

CVE-2023-42844

This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.1, macOS Monterey 12.7.1, macOS Ventura 13.6.1. A website may be able to access sensitive user data when resolving symlinks...

PT-2025-20792 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.5 Description: A logic issue was addressed with improved checks, which may have allowed an app to access sensitive user data. Recommendations: For versions prior to 15.5, update to macOS Sequoia 15.5 to resolve the...

Analyzing CVE-2025-31191: A macOS security-scoped bookmarks-based sandbox escape

In April 2024, Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. An attacker could create an exploit to escape the App Sandbox without user interaction required for any sandboxed app using...

CVE-2025-30444

A race condition was addressed with improved locking. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. Mounting a maliciously crafted SMB network share may lead to system termination...