CVE-2025-46306 – This vulnerability allows attackers to read sen... (How to Fix)

Q: What is the severity of CVE-2025-46306?

CVE-2025-46306 has a CVSS score of 5.5 (MEDIUM). This vulnerability allows attackers to read sensitive memory contents by tricking users into opening malicious Keynote files. It affects macOS, iOS, iPadOS, and Keynote users who process untrusted presentation files. The memory disclosure could expose passwords, encryption keys, or other sensitive data.

📋 TL;DR

This vulnerability allows attackers to read sensitive memory contents by tricking users into opening malicious Keynote files. It affects macOS, iOS, iPadOS, and Keynote users who process untrusted presentation files. The memory disclosure could expose passwords, encryption keys, or other sensitive data.

💻 Affected Systems

Products:

macOS
iOS
iPadOS
Keynote

Versions: Versions before macOS Tahoe 26, iOS 26, iPadOS 26, and Keynote 15.1

Operating Systems: macOS, iOS, iPadOS

Default Config Vulnerable: ⚠️ Yes

Notes: All default configurations are vulnerable. The vulnerability is triggered by processing malicious Keynote files.

📦 What is this software?

Macos by Apple

macOS is Apple's desktop and laptop operating system powering Mac computers used by millions of professionals, developers, creative professionals, and enterprise users worldwide. Built on a Unix foundation with the Darwin kernel and modern Cocoa frameworks, macOS delivers a seamless ecosystem integr...

Learn more about Macos →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete memory dump revealing passwords, encryption keys, session tokens, and other sensitive application data leading to full system compromise.

🟠

Likely Case

Limited memory disclosure revealing some application data or user information, potentially enabling further attacks.

🟢

If Mitigated

No impact if systems are patched or if users never open untrusted Keynote files.

🌐 Internet-Facing: LOW

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires user interaction (opening malicious file). No public exploit code is currently available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: macOS Tahoe 26, iOS 26, iPadOS 26, Keynote 15.1

Vendor Advisory: https://support.apple.com/en-us/125108

Restart Required: Yes

Instructions:

1. Open System Settings > General > Software Update. 2. Install available updates for macOS/iOS/iPadOS. 3. For Keynote, update via App Store > Updates. 4. Restart device after installation.

🔧 Temporary Workarounds

Disable automatic file opening

all

Prevent Keynote from automatically opening files to reduce attack surface

Sandbox Keynote execution

macOS

Run Keynote in restricted environments to limit memory access

🧯 If You Can't Patch

Block Keynote files from untrusted sources at network perimeter
Educate users to never open Keynote files from unknown senders

🔍 How to Verify

Check if Vulnerable:

Check macOS version: About This Mac > macOS version. Check iOS/iPadOS: Settings > General > About > Version. Check Keynote: Open Keynote > Keynote menu > About Keynote.

Check Version:

macOS: sw_vers -productVersion, iOS/iPadOS: Settings > General > About

Verify Fix Applied:

Verify version numbers match or exceed: macOS Tahoe 26, iOS 26, iPadOS 26, Keynote 15.1

📡 Detection & Monitoring

Log Indicators:

Keynote crash logs with memory access violations
Unexpected Keynote file processing from untrusted sources

Network Indicators:

Inbound Keynote files from suspicious sources
Outbound data exfiltration after Keynote file processing

SIEM Query:

source="*keynote*" AND (event="crash" OR event="memory_access")

📊 Metadata

CVE ID: CVE-2025-46306

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE: CWE-125

EPSS Score: 0.01% exploit probability (1.3th percentile)

Published: January 28, 2026

Last Updated: January 30, 2026

🔗 References

https://support.apple.com/en-us/125108 Release Notes,Vendor Advisory
https://support.apple.com/en-us/125110 Release Notes,Vendor Advisory
https://support.apple.com/en-us/126254 Release Notes,Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-46306, you might also want to check these: