Vulnerability Database

309,961

Total vulnerabilities in the database

CVE-2025-31248

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.5, macOS Sonoma 14.7.3. An app may be able to access sensitive user data.

Published: Nov 21, 2025
Updated: Nov 23, 2025
CVE: CVE-2025-31248
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-22

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
apple / macos	-	13.7.3
apple / macos	14.0	14.7.3
apple / macos	15.0	15.5

https://support.apple.com/en-us/122069
https://support.apple.com/en-us/122070
https://support.apple.com/en-us/122716

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo