CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. By default, the GID is the user's phone number unless they specifically opt out. A phone number is very sensitive information because it can be tied back to individuals. The app does not encrypt the GID in messages...

6.5CVSS6.9AI score0.00066EPSS

Exploits0References1

OSV•added 2025/05/01 6:15 p.m.•1 views

CVE-2025-32889

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The verification token used for sending SMS through a goTenna server is hardcoded in the app...

8.8CVSS5.8AI score0.00086EPSS

Exploits0References2

NVD•added 2025/05/01 6:15 p.m.•9 views

CVE-2025-32886

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. All packets sent over RF are also sent over UART with USB Shell, allowing someone with local access to gain information about the protocol and intercept sensitive data...

5.5CVSS0.00074EPSS

Exploits0References2

CVE•added 2025/05/01 12:0 a.m.•43 views

CVE-2025-32882

CVE-2025-32882 affects goTenna V1 devices: application 5.5.3 and firmware 0.25.5 use a custom encryption implementation without integrity checking, making messages malleable. This vulnerability is described across multiple sources (NVD, Red Hat, PT Security) with no confirmed exploitation details...

6.5CVSS7.1AI score0.00025EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by