Malicious code in common-tg-service (npm)

Malicious npm package published by user shetty123 as part of a Telegram account hijacking framework targeting Indian Telegram users. All 502 published versions 1.0.1 through 1.3.207 are malicious. Pairs with ams-ssk, which provides the operator's server-side AMS/CMS infrastructure...

MAL-2026-3288 Malicious code in common-tg-service (npm)

Malicious npm package published by user shetty123 as part of a Telegram account hijacking framework targeting Indian Telegram users. All 502 published versions 1.0.1 through 1.3.207 are malicious. Pairs with ams-ssk, which provides the operator's server-side AMS/CMS infrastructure...

GHSA-R9X3-WX45-2V7F

creationtimestamp| type| source ---|---|--- 2026-04-07 19:34:21+00:00| seen| Telegram/OYPeMWdUc2Y5vftMssiNoDYA806NyVd6-qxnWxvkgzfQI...

CVE-2025-11927

creationtimestamp| type| source ---|---|--- 2025-11-01 04:54:35+00:00| seen| Telegram/fB9qiwMMNV4ThlTd4laBlwg5otonr5bPSsPsWB0d7HZo5w...

EUVD-2025-19066

Malicious code in bioql PyPI...

CVE-2025-26431

creationtimestamp| type| source ---|---|--- 2025-09-05 14:29:50+00:00| seen| Telegram/sYpgPkX7-0dSKMKHMgKT3j7nunDF9xJ7Vm4jZySuCmnJ29I...

CVE-2025-41056

creationtimestamp| type| source ---|---|--- 2025-09-04 11:27:24+00:00| seen| Telegram/RVtLirDraukfbjOyQKMYkMPhADL7IWyhJg7pX2T5VoVjr2I...

RHSA-2024:2732

creationtimestamp| type| source ---|---|--- 2025-08-30 09:20:12+00:00| seen| Telegram/XU7wH2g2ar4Q5ytyJoP8AjUKPNymqCc4Mvxhu68U7NE...

CVE-2022-45133

creationtimestamp| type| source ---|---|--- 2025-08-22 21:11:11+00:00| seen| Telegram/CMJBhgGN4JtB-i1RwqAj5Ndpq8iv0nBkPGrvFIKOEp9G-oY...

CVE-2025-54609

creationtimestamp| type| source ---|---|--- 2025-08-06 15:52:35+00:00| seen| Telegram/xXswO61gI4whAQcztcPhdcBgMZNRmo8BIwHTXYTf8rLUs...

CVE-2025-52572

Hikka, a Telegram userbot, has vulnerability affects all users on all versions of Hikka. Two scenarios are possible. 1. Web interface does not have an authenticated session: attacker can use his own Telegram account to gain RCE to the server by authorizing in the dangling web interface. 2. Web...

CVE-2025-52571

Hikka is a Telegram userbot. A vulnerability affects all users of versions below 1.6.2, including most of the forks. It allows an unauthenticated attacker to gain access to Telegram account of a victim, as well as full access to the server. The issue is patched in version 1.6.2. No known...

CVE-2025-52572

Hikka (Telegram userbot) is affected by an RCE/account-takeover vulnerability via the web interface. If the web UI has no authenticated session, an attacker can abuse access via their own Telegram account to gain RCE on the server. If an authenticated session exists, users may be tricked into app...

CVE-2025-52571 Hikka vulnerable to RCE through edits in a channel

Hikka is a Telegram userbot. A vulnerability affects all users of versions below 1.6.2, including most of the forks. It allows an unauthenticated attacker to gain access to Telegram account of a victim, as well as full access to the server. The issue is patched in version 1.6.2. No known...

CVE-2025-52571

Hikka is a Telegram userbot vulnerable to an unauthenticated credential/remote access issue in all versions below 1.6.2. The root cause enables an attacker to gain access to a victim’s Telegram account and full control of the server. The vulnerability is patched in version 1.6.2; no public workar...

CVE-2025-52571 Hikka vulnerable to RCE through edits in a channel

Hikka is a Telegram userbot. A vulnerability affects all users of versions below 1.6.2, including most of the forks. It allows an unauthenticated attacker to gain access to Telegram account of a victim, as well as full access to the server. The issue is patched in version 1.6.2. No known...

Hikka 授权问题漏洞

Hikka is a developer-oriented Telegram user bot by Daniil Gazizullin Personal Developer. An authorization issue vulnerability exists in Hikka versions prior to 1.6.2, which stems from an unauthenticated attacker being able to gain full access to a victim's Telegram account and server...

CVE-2025-31232

creationtimestamp| type| source ---|---|--- 2025-05-13 19:31:01+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16205 2026-04-02 22:17:20+00:00| seen| Telegram/uS-LGheIl2lIO3kT7MFmdoi3VL-1CYgYB6CRF5I8i3PT0...

CVE-2022-32926

creationtimestamp| type| source ---|---|--- 2025-05-06 19:21:00+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/15187...

Telegram-Checker - A Python Tool For Checking Telegram Accounts Via Phone Numbers Or Usernames

Enhanced version of bellingcat's Telegram Phone Checker! A Python script to check Telegram accounts using phone numbers or username. ✨ Features 🔍 Check single or multiple phone numbers and usernames 📁 Import numbers from text file 📸 Auto-download profile pictures 💾 Save results as JSON 🔐 Secure...