Threat Advisories - NVD Disclosed June 16, 2025

CVE-2025-43200

Apple Operating System Vulnerability Affects Photo and Video Processing

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

A logic flaw in Apple operating systems allows for unauthorized access to sensitive information when processing maliciously crafted photos or videos shared via iCloud Links. While not widespread, this vulnerability has reportedly been exploited in sophisticated, targeted attacks against specific individuals, posing a b

NVD published: June 16, 2025 • CISA KEV

CVE advisoryCRITICAL

CVE-2025-49796

Libxml2 Memory Corruption Leads to Denial of Service.

Halo Surface Signal: 3 out of 5 — possibly public-facing.

A memory corruption vulnerability in libxml2 can allow an attacker to cause a denial of service or undefined behavior by crafting malicious XML input. This impacts organizations by potentially disrupting services and data integrity. The attack vector is network-based, posing a business risk depending on application dep

NVD published: June 16, 2025

CVE advisoryCRITICAL

CVE-2025-49794

Libxml2 XML Parsing Vulnerability May Lead to Program Crash.

Halo Surface Signal: 3 out of 5 — possibly public-facing.

A vulnerability in libxml2 may allow an attacker to crash programs or cause undefined behavior by submitting a crafted XML document. Organizations using libxml2 for XML processing face business risk from potential service disruptions.

NVD published: June 16, 2025