Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2025-46293
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data.
CVSS Score
5.5
EPSS Score
0.0
Published
2026-06-11
CVE-2025-46308
An authorization issue was addressed with improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to leak sensitive user information.
CVSS Score
5.3
EPSS Score
0.0
Published
2026-06-11
CVE-2025-46315
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.1. An app may be able to access protected user data.
CVSS Score
7.5
EPSS Score
0.0
Published
2026-06-11
CVE-2025-43339
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Tahoe 26.1. A malicious app may be able to access sensitive user data.
CVSS Score
5.5
EPSS Score
0.0
Published
2026-06-11
CVE-2025-24268
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sequoia 15.4. An app may be able to access sensitive user data.
CVSS Score
5.5
EPSS Score
0.0
Published
2026-06-11
CVE-2025-24284
This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in macOS Sequoia 15.4. An app may be able to break out of its sandbox.
CVSS Score
8.8
EPSS Score
0.0
Published
2026-06-11
CVE-2025-30431
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A malicious app may be able to access private information.
CVSS Score
5.5
EPSS Score
0.0
Published
2026-06-11
CVE-2025-30459
A privacy issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.4. An app may be able to access sensitive user data.
CVSS Score
5.5
EPSS Score
0.0
Published
2026-06-11
CVE-2025-31272
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app may be able to bypass launch constraint protections and execute malicious code with elevated privileges.
CVSS Score
7.8
EPSS Score
0.0
Published
2026-06-11
CVE-2026-44492
Axios is a promise based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, Axios does not normalise IPv4-mapped IPv6 addresses. When NO_PROXY lists an IPv4 address such as 127.0.0.1 or 169.254.169.254, a request URL using the IPv4-mapped IPv6 form (::ffff:7f00:1, ::ffff:a9fe:a9fe) still routes through the configured proxy. Node.js resolves these addresses to the underlying IPv4 host, so the request reaches the internal service via the proxy rather than being blocked. This vulnerability is fixed in 0.32.0 and 1.16.0.
CVSS Score
8.6
EPSS Score
0.0
Published
2026-06-11


Products
Pricing
Contact Us

Shodan ® - All rights reserved