CVE-2025-53940
CVE-2025-53940 affects Quiet, an open-source p2p chat alternative. Vulnerable in Quiet 6.1.0-alpha.4 and earlier due to an insecure, non-constant-time token verification comparison in the backend/frontend API, enabling a timing attack to guess the token character by character. The issue is resolv...