diff --git a/changes/macos-app-version b/changes/macos-app-version
new file mode 100644
index 000000000..fcb51ba0e
--- /dev/null
+++ b/changes/macos-app-version
@@ -0,0 +1 @@
+* Improve version detection for macOS apps. This fixes some false positives in macOS vulnerability detection.
diff --git a/server/service/osquery_utils/queries.go b/server/service/osquery_utils/queries.go
index 1d715a373..bcb630af7 100644
--- a/server/service/osquery_utils/queries.go
+++ b/server/service/osquery_utils/queries.go
@@ -609,7 +609,7 @@ var softwareMacOS = DetailQuery{
 Query: withCachedUsers(`WITH cached_users AS (%s)
 SELECT
 name AS name,
- bundle_short_version AS version,
+ COALESCE(NULLIF(bundle_short_version, ''), bundle_version) AS version,
 'Application (macOS)' AS type,
 bundle_identifier AS bundle_identifier,
 'apps' AS source,
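Review bot: The fallback on the new `COALESCE(NULLIF(bundle_short_version, ''), bundle_version) AS version` line is undocumented, and it puts two different version schemes into one `version` column: `bundle_version` is CFBundleVersion, which for many apps is a build number rather than the release version that advisories refer to. Whatever consumes this column for vulnerability matching presumably cannot tell which field it received, so a build number compared against advisory version ranges could still mis-match in either direction; that consumer is not visible in this hunk, so confirm how it treats such values. I would add a Go comment above the `Query:` field such as `// version falls back to bundle_version (CFBundleVersion) when bundle_short_version is NULL or empty; the fallback may be a build number, not a release version.` A query test with an app whose short version is empty would pin the intended behaviour. The `softwareMacOS` literal starts before and continues past this hunk, so the rest of the query was not reviewed.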