CVE-2025-48555

Name of the Vulnerable Software and Affected Versions NotificationStation (affected versions not specified)

Description The software contains a possible cross-profile information disclosure due to a confused deputy condition in multiple functions of NotificationStation.java. This issue could lead to local escalation of privilege without requiring additional execution privileges or user interaction. The vulnerable functions are located at https://t.co/jFLr70O7HO. A confused deputy occurs when a program unintentionally performs an action on behalf of another program, potentially leading to unauthorized access or modification of data.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.