CVE-2025-46717

Name of the Vulnerable Software and Affected Versions sudo-rs versions prior to 0.2.6

Description The issue allows users with limited or no sudo privileges to determine the existence of files in folders they cannot access using the sudo --list <pathname> command. This can reveal sensitive information in file names and potentially be used in conjunction with other attacks.

Recommendations For versions prior to 0.2.6, update to version 0.2.6 to resolve the issue. As a temporary workaround, consider restricting access to the sudo --list command to minimize the risk of exploitation.