CVE-2025-51497

Published: Jul 17, 2025Modified: Oct 9, 2025

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.8 / Impact: 3.6

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

An issue was discovered in AdGuard plugin before 1.11.22 for Safari on MacOS. AdGaurd verbosely logged each url that Safari accessed when the plugin was active. These logs went into the MacOS general logs for any unsandboxed process to read. This may be disabled in version 1.11.22.

Affected (1)

Products: Adguard: Adguard For Safari

1 product

Adguard For Safari

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Adguard Adguard For Safari	Before 1.11.22

Related CWEs

Insertion of Sensitive Information into Log File

Information written to log files can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.

References (3)

https://adguard.com/en/adguard-safari/overview.html

Source: cve@mitre.org

Product

https://github.com/AdguardTeam/AdGuardForSafari

Source: cve@mitre.org

Product

https://www.mcrich23.com/post/adguard-messed-up-their-logging

Source: cve@mitre.org

Third Party Advisory

Timeline

No history available yet.