CVE-2025-31258

MEDIUM

Apple Macos < 15.5 - Improper Access Control

Title source: rule

Description

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.5. An app may be able to break out of its sandbox.

Exploits (3)

nomisec STUB 42 stars
by wh1te4ever · poc
https://github.com/wh1te4ever/CVE-2025-31258-PoC
github WORKING POC 2 stars
by adminlove520 · pythonpoc
https://github.com/adminlove520/CVE-Poc_All_in_One/tree/main/2025/CVE-2025-31258
nomisec STUB
by sureshkumarsat · poc
https://github.com/sureshkumarsat/CVE-2025-31258-PoC

References (2)

Scores

CVSS v3 6.5
EPSS 0.0010
EPSS Percentile 26.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Details

CWE
CWE-284
Status published
Products (2)
apple/macos < 15.5
Apple/macOS < 15.5
Published May 12, 2025
Tracked Since Feb 18, 2026