EUVD-2025-13275

Malicious code in bioql PyPI...

CVE-2025-32886

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. All packets sent over RF are also sent over UART with USB Shell, allowing someone with local access to gain information about the protocol and intercept sensitive data...

CVE-2025-32882

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app uses a custom implementation of encryption without any additional integrity checking mechanisms. This leaves messages malleable to an attacker that can access the message...

CVE-2025-32881

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. By default, the GID is the user's phone number unless they specifically opt out. A phone number is very sensitive information because it can be tied back to individuals. The app does not encrypt the GID in messages...

CVE-2025-32886

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. All packets sent over RF are also sent over UART with USB Shell, allowing someone with local access to gain information about the protocol and intercept sensitive data...

CVE-2025-32885

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app there makes it possible to inject any custom message into existing v1 networks with any GID and Callsign via a software defined radio. This can be exploited if the device is being used in an unencrypted...

PT-2025-18668 · Gotenna · Gotenna

Name of the Vulnerable Software and Affected Versions: goTenna v1 devices with app 5.5.3 and firmware 0.25.5 Description: An issue was discovered where the GID, which is the user's phone number by default unless they opt out, is not encrypted in messages. This is sensitive information as it can b...

CVE-2025-32885

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app there makes it possible to inject any custom message into existing v1 networks with any GID and Callsign via a software defined radio. This can be exploited if the device is being used in an unencrypted...

goTenna V1 安全漏洞

goTenna V1 is a portable offline communication device from goTenna that enables long-range peer-to-peer communication between smartphones via mesh network technology. A security vulnerability exists in goTenna V1, which stems from a command channel containing next-hop information that could lead ...

goTenna V1 安全漏洞

goTenna V1 is a portable offline communication device from goTenna that enables long-distance peer-to-peer communication between smartphones via mesh network technology. A security vulnerability exists in goTenna V1, which stems from the default use of a phone number as the GID, which may lead to...

PT-2025-18689 · Gotenna · Gotenna

Name of the Vulnerable Software and Affected Versions: goTenna v1 devices with app version 5.5.3 and firmware version 0.25.5 Description: An issue was discovered where the verification token used for sending SMS through a goTenna server is hardcoded in the app. This affects the ability to securel...