CVE-2025-46310

medium

Published 2026-02-11 · Modified 2026-05-26

CVSS v3

6.0

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

CVSS v2

—

VIR risk

6.0

Description

This issue was addressed through improved state management. This issue is fixed in macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26. An attacker with root privileges may be able to delete protected system files.

Predictions

Exploit likelihood

60%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: product-security@apple.com — https://support.apple.com/en-us/126350

vendor Authored 2026-05-27

Vendor advisory: product-security@apple.com — https://support.apple.com/en-us/126349

OS impact

OS	Version	Status	Fixed in
macos		affected	`14.8.4`

References

https://support.apple.com/en-us/125110
https://support.apple.com/en-us/126349
https://support.apple.com/en-us/126350

CWEs

CWE-269

Verify integrity in audit chain (admin only). AS-IS.