← back
CVE-2025-48464

Exposure of Sensitive Information

CVSS 4.7 MEDIUMEPSS 0.1%CWE-200
Successful exploitation of the vulnerability could allow an unauthenticated attacker to gain access to a victim’s Sync account data such as account credentials and email protection information.
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Affected products
DuckDuckGo · DuckDuckGo Browser

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://tuxplorer.com/posts/dont-leave-me-outdated/https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-097/