Impact
A vendor-supplied cryptographic library contains an out-of-bounds read in the HPKE decapsulation routine. When a remote caller supplies a specially crafted, short X-Wing HPKE encapsulated key, the C code reads past the bounds of the intended buffer. The result can be either termination of the application or, if memory protection mechanisms are absent, disclosure of arbitrary memory contents. The vulnerability is a classic example of CWE-125, where an improper bounds check leads to uncontrolled data exposure.
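The length check whose absence produces this class of bug, as an added example that is not Swift Crypto's code. The X-Wing sizes (a 1088-byte ML-KEM-768 ciphertext followed by a 32-byte X25519 value, 1120 bytes in total) are taken from the X-Wing KEM specification rather than from this page, and the type and function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Sizes per the X-Wing KEM specification (assumption: not stated on this page). */
#define MLKEM768_CT_LEN 1088u
#define X25519_PK_LEN   32u
#define XWING_ENC_LEN   (MLKEM768_CT_LEN + X25519_PK_LEN) /* 1120 bytes */

typedef struct {                       /* hypothetical type */
    uint8_t ct_mlkem[MLKEM768_CT_LEN];
    uint8_t ct_x25519[X25519_PK_LEN];
} xwing_enc_parts;

/* Unchecked pattern (CWE-125): always copies 1120 bytes from enc, so a
 * shorter caller-supplied buffer is read past its end. */
static void split_enc_unchecked(const uint8_t *enc, xwing_enc_parts *out)
{
    memcpy(out->ct_mlkem, enc, MLKEM768_CT_LEN);
    memcpy(out->ct_x25519, enc + MLKEM768_CT_LEN, X25519_PK_LEN);
}

/* Checked form: the encapsulated key must be exactly XWING_ENC_LEN bytes.
 * Returns 0 on success, -1 on a bad argument or length (nothing is read). */
static int split_enc_checked(const uint8_t *enc, size_t enc_len,
                             xwing_enc_parts *out)
{
    if (enc == NULL || out == NULL || enc_len != XWING_ENC_LEN)
        return -1;
    split_enc_unchecked(enc, out);     /* safe: length verified above */
    return 0;
}

int main(void)
{
    uint8_t short_enc[32] = {0};       /* constructed sample: truncated input */
    xwing_enc_parts parts;
    int rc = split_enc_checked(short_enc, sizeof short_enc, &parts);
    printf("short enc (%zu bytes): %s\n", sizeof short_enc,
           rc == 0 ? "accepted" : "rejected");
    return rc == 0;                    /* exit 0 when the short input is rejected */
}
```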
Affected Systems
Apple’s macOS platform is affected because the Swift Crypto library shipped with the OS implements the HPKE algorithm. The flaw is present in all Swift Crypto releases before version 4.3.1; the vendor has fixed the issue in that release. Users of any earlier versions that include Swift Crypto on macOS are therefore impacted.
Risk and Exploitability
The CVSS score for this vulnerability is 7.5, indicating high severity. The EPSS score is below 1%, suggesting a low likelihood of exploitation, and CISA has not listed it in its Known Exploited Vulnerabilities catalog. The likely attack vector requires an attacker to provide a maliciously crafted HPKE encapsulation to an application or service that uses Swift Crypto to decapsulate keys. Successful exploitation would result in either an application crash or a memory disclosure, potentially exposing sensitive data if proper isolation protections are not in place.