CVE-2021-23827

Keybase Desktop Client before 5.6.0 on Windows and macOS, and before 5.6.1 on Linux, allows an attacker to obtain potentially sensitive media such as private pictures in the Cache and uploadtemps directories. It fails to effectively clear cached pictures, even after deletion via normal methodolog...

CVE-2019-16992

The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a user's private key to sign a certain cryptocurrency attestation that an address at keybase.io can be used for Stellar payments to the user, which might be incompatible with a user's personal position on...

Malicious code in keybase-live-feed (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 04e37d8ed67c047350e5767575fe330037e3df4a1d2bc9a1159801b02c54a375 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3069 Malicious code in keybase-live-feed (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 04e37d8ed67c047350e5767575fe330037e3df4a1d2bc9a1159801b02c54a375 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

openSUSE Security Advisory (openSUSE-SU-2024:0224-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (openSUSE-SU-2024:0194-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for keybase-client (moderate)

openSUSE Security Update: Security update for keybase-client Announcement ID: openSUSE-SU-2024:0194-2 Rating: moderate References: 1213928 Cross-References: CVE-2023-29408 CVSS scores: CVE-2023-29408 NVD : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2023-29408 SUSE: 4...

Security update for keybase-client (moderate)

openSUSE Security Update: Security update for keybase-client Announcement ID: openSUSE-SU-2024:0224-2 Rating: moderate References: 1227167 Cross-References: CVE-2024-24792 Affected Products: openSUSE Backports SLE-15-SP6 An update that fixes one vulnerability is now available. Description: This...

OPENSUSE-SU-2024:0224-2 Security update for keybase-client

This update for keybase-client fixes the following issues: - Update the Image dependency to address CVE-2024-24792 boo1227167...

OPENSUSE-SU-2024:0194-2 Security update for keybase-client

This update for keybase-client fixes the following issues: Update to version 6.2.8 Update client CA Fix incomplete locking in config file handling. - Update the Image dependency to address CVE-2023-29408 / boo1213928. This is done via the new update-image-tiff.patch. - Limit parallel test executi...

SUSE CVE-2018-18629

An issue was discovered in the Keybase command-line client before 2.8.0-20181023124437 for Linux. An untrusted search path vulnerability in the keybase-redirector application allows a local, unprivileged user on Linux to gain root privileges via a Trojan horse binary...

Elon Musk Confirms Twitter 2.0 will Bring End-to-End Encryption to Direct Messages

Twitter chief executive Elon Musk confirmed plans for end-to-end encryption E2EE for direct messages on the platform. The feature is part of Musk's vision for Twitter 2.0, which is expected to be what's called an "everything app." Other functionalities include longform tweets and payments,...

The vulnerability of Keybase’s open-source key catalog for iOS and Android clients stems from incomplete cleanup of temporary or auxiliary resources. This allows attackers to expose protected information or cause service failures.

The vulnerability of Keybase’s open-source key catalog for iOS and Android exists due to incomplete cleanup of temporary or auxiliary resources. Exploiting this vulnerability could allow a malicious actor to disclose protected information or cause service failures...

The vulnerability of the Keybase open-source keyring client for Windows allows a hacker to execute arbitrary code.

The vulnerability of Keybase’s open-source keyring for Windows relates to an incorrect limitation on the path name of the restricted access directory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

CVE-2022-26134 by 1vere$k Just simple PoC for the Atlassian Ji...

Exploit for CVE-2022-31749

CVE-2022-31749 by 1vere$k Simple PoC-checker for CVE-2022-3174...

Exploit for OS Command Injection in Zyxel Usg_Flex_100W_Firmware

CVE-2022-30525 by 1vere$k Rapid7 discovered and reported a...

Exploit for CVE-2022-21907

CVE-2022-21907 Golang Application by 1vere$k CVE-2022-21907 -...

Exploit for CVE-2021-43008

cve-2022-21907-http.sys by 1vere$k CVE-2022-21907 - Double Fre...

Keybase Information Disclosure Vulnerability (CNVD-2022-11494)

Keybase is a PGP-based social networking platform that supports end-to-end encryption. keybase is vulnerable to an information disclosure vulnerability that could be exploited by an attacker to disclose sensitive information that should be removed from a user's file system...