Severity
Medium
Analysis Summary
CVE-2025-30466 CVSS:5.5
Apple macOS Sequoia could allow a local attacker to bypass Same Origin Policy, caused by an issue in the Safari component when using a specially crafted application.
CVE-2025-31231 CVSS:5.5
Apple macOS Sequoia could allow a local attacker to read sensitive location information, caused by a permissions issue in the libnetcore component when using a specially crafted application.
Impact
- Security Bypass
- Information Disclosure
Indicators of Compromise
CVE
CVE-2025-30466
CVE-2025-31231
Affected Vendors
- Apple
Affected Products
- Apple macOS Sequoia- 15.3
Remediation
Refer to the Apple security document patch, upgrade or suggested workaround information.