{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-31259","assignerOrgId":"286789f9-fbc2-4510-9f9a-43facdede74c","state":"PUBLISHED","assignerShortName":"apple","dateReserved":"2025-03-27T16:13:58.337Z","datePublished":"2025-05-12T21:42:27.483Z","dateUpdated":"2026-04-02T18:12:17.385Z"},"containers":{"cna":{"problemTypes":[{"descriptions":[{"lang":"en","description":"An app may be able to capture a screenshot of an app entering or exiting full screen mode"}]}],"affected":[{"vendor":"Apple","product":"macOS","versions":[{"version":"0","status":"affected","lessThan":"14.8","versionType":"custom"},{"version":"0","status":"affected","lessThan":"15.5","versionType":"custom"},{"version":"0","status":"affected","lessThan":"15.7","versionType":"custom"},{"version":"0","status":"affected","lessThan":"26","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"A privacy issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.5, macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to capture a screenshot of an app entering or exiting full screen mode."}],"references":[{"url":"https://support.apple.com/en-us/122716"},{"url":"https://support.apple.com/en-us/125110"},{"url":"https://support.apple.com/en-us/125111"},{"url":"https://support.apple.com/en-us/125112"}],"providerMetadata":{"orgId":"286789f9-fbc2-4510-9f9a-43facdede74c","shortName":"apple","dateUpdated":"2026-04-02T18:12:17.385Z"}},"adp":[{"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":7.8,"attackVector":"LOCAL","baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","integrityImpact":"HIGH","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"LOW","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"id":"CVE-2025-31259","role":"CISA Coordinator","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"version":"2.0.3","timestamp":"2025-05-14T04:01:09.682629Z"}}}],"problemTypes":[{"descriptions":[{"lang":"en","type":"CWE","cweId":"CWE-20","description":"CWE-20 Improper Input Validation"}]}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-02-26T18:28:38.384Z"}},{"title":"CVE Program Container","references":[{"url":"http://seclists.org/fulldisclosure/2025/Sep/55"},{"url":"http://seclists.org/fulldisclosure/2025/Sep/54"},{"url":"http://seclists.org/fulldisclosure/2025/Sep/53"},{"url":"http://seclists.org/fulldisclosure/2025/May/7"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T19:52:35.740Z"}}]}}