Primary

Context

DuckDuckGo Browser for Android Sync Account Data Access Vulnerability

Vulnerability

Patched

A vulnerability in DuckDuckGo Browser for Android has been identified, allowing an unauthenticated attacker to access a victim's Sync account data, including account credentials and email protection information. This issue affects DuckDuckGo Browser versions 5.246.0 and below on Android 13 and earlier.

Impact

Exploitation of this vulnerability could lead to unauthorized access to a user's Sync account data, including sensitive information such as account credentials and email protection details.

Remediation

Users are advised to update to DuckDuckGo Browser version 5.247.0 immediately.

Added: Oct 8, 2025, 7:17 AM

Updated: Oct 8, 2025, 7:17 AM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

2.5

exploitability

4.7

remediation

7.7

relevance

0.7

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

2.5

exploitability

4.7

remediation

7.7

relevance

0.7

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

DuckDuckGo Browser for Android Sync Account Data Access Vulnerability

Vulnerability

Impact

Remediation

Affected Products

DuckDuckGo Browser

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating