CVE-2025-23421 Qardio iOS and Android applications Files or Directories Accessible to External Parties

An attacker could obtain firmware files and reverse engineer their intended use leading to loss of confidentiality and integrity of the hardware devices enabled by the Qardio iOS and Android applications...

CVE-2025-20615 Qardio Heart Health IOS Mobile Application Exposure of Private Personal Information to an Unauthorized Actor

The Qardio Arm iOS application exposes sensitive data such as usernames and passwords in a plist file. This allows an attacker to log in to production-level development accounts and access an engineering backdoor in the application. The engineering backdoor allows the attacker to send hex-based...