Sync · Sync · CVE-2025-48464
**Name of the Vulnerable Software and Affected Versions**
DuckDuckGo browser (affected versions not specified)
**Description**
Successful exploitation of the issue could allow an unauthenticated attacker to gain access to a victim’s Sync account data, including account credentials and email protection information. The issue involves file exfiltration via malicious intent:// URLs.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.