CVE Catalog
CVE-2025-46293
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk0.01%
2th percentile — higher than 2% of all known CVEs
Summary
The issue concerns improper handling of symlinks, which may allow an app to access protected user data. It is fixed in macOS Sequoia 15.4.
Risk Assessment
The organization may be exposed to unauthorized access to sensitive user data, potentially leading to privacy and security breaches.
Recommendation
It is recommended to update the system to macOS Sequoia 15.4 to mitigate this vulnerability.
Original NVD description (English source)
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data.

