CVE-2025-46718

Name of the Vulnerable Software and Affected Versions sudo-rs versions prior to 0.2.6

Description The issue allows users with limited sudo privileges to enumerate the sudoers file, revealing sensitive information about other users' permissions. This can be achieved using the -U flag. Attackers can collect information that can be used for more targeted attacks. Systems where users either do not have sudo privileges or have the ability to run all commands as root through sudo are not affected.

Recommendations For versions prior to 0.2.6, update to version 0.2.6 to resolve the issue. As a temporary workaround, consider restricting the use of the -U flag to minimize the risk of exploitation.