CVE-2025-10016 — The Sparkle framework includes a helper tool Autoupdate. Due to lack of authentication of connecting clients a local unprivileged attacker can request installation of crafted malicious PKG file by ra — CVE Database · The Intelligence Room