PT-2025-23205 · Apple · iPadOS +4

Alexia Wilson +3 · Published 2025-03-31 · Updated 2025-09-17 · CVE-2025-31199

CVSS v3.1: 5.5

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

**Name of the Vulnerable Software and Affected Versions:**

Apple macOS versions prior to 15.4

Apple iOS versions prior to 18.4

Apple iPadOS versions prior to 18.4

Apple visionOS versions prior to 2.4

**Description:**

A logging issue was addressed with improved data redaction. This vulnerability allows an app to potentially access sensitive user data. The vulnerability, dubbed "Sploitlight" (CVE-2025-31199), enables attackers to bypass macOS's Transparency, Consent, and Control (TCC) framework via Spotlight plugins, potentially exposing sensitive data including geolocation and media metadata, as well as data cached by Apple Intelligence.

**Recommendations:**

Update macOS to version 15.4 or later.

Update iOS to version 18.4 or later.

Update iPadOS to version 18.4 or later.

Update visionOS to version 2.4 or later.

Fix

Weakness Enumeration

Insertion into Log File

Related Identifiers

BDU:2025-09368
CVE-2025-31199

Affected Products

Apple macOS
iOS
iPadOS
macOS Sequoia
visionOS