CVE-2025-29805

CWE-200Information Exposure4 documents4 sources
Severity
7.5HIGH
EPSS
8.4%
top 7.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft Microsoft Outlook FOR AndroidMicrosoft Outlook
Timeline
PublishedApr 8

Description

Exposure of sensitive information to an unauthorized actor in Outlook for Android allows an unauthorized attacker to disclose information over a network.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5microsoft/microsoft_outlook_for_android1.04.2509.0
NVDmicrosoft/outlook< 4.2509.0

🔴Vulnerability Details

2
GHSA
GHSA-vq2r-vj3j-964w: Exposure of sensitive information to an unauthorized actor in Outlook for Android allows an unauthorized attacker to disclose information over a netwo2025-04-08
CVEList
Outlook for Android Information Disclosure Vulnerability2025-04-08

📋Vendor Advisories

1
Microsoft
Outlook for Android Information Disclosure Vulnerability2025-04-08
CVE-2025-29805 (HIGH CVSS 7.5) | Exposure of sensitive information t | cvebase.io