Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to obtain potentially sensitive attachments sent in messages from the attachments.noindex directory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Information Disclosure
Apple
Microsoft
Signal Desktop
NVD
CVSS 3.1
3.3
EPSS
0.9%