37 matches found
CVE-2026-35049 wire-ios has Persistent Remote DoS via Integer Underflow
wire-ios is an iOS client for the Wire secure messaging application. Prior to version 4.16.0, upon receiving a crafted malicious Proteus external message with an encrypted payload that is shorter than 16 bytes, the Wire iOS client crashes. The crash is triggered automatically after message receiv...
CVE-2022-31009
wire-ios is an iOS client for the Wire secure messaging application. Invalid accent colors of Wire communication partners may render the iOS Wire Client partially unusable by causing it to crash multiple times on launch. These invalid accent colors can be used by and sent between Wire users. The...
EUVD-2021-19482
Malware in sbrugna...
EUVD-2022-28583
Malicious code in bioql PyPI...
CVE-2025-49846 wire-ios accidentally logs message contents
wire-ios is an iOS client for the Wire secure messaging application. From Wire iOS 3.111.1 to before 3.124.1, messages that were visible in the view port have been logged to the iOS system logs in clear text. Wire application logs created and managed by the application itself were not affected,...
CVE-2025-49846
Summary : CVE-2025-49846 affects the Wire iOS client. For Wire iOS versions 3.111.1–3.124.1, messages visible in the viewport were logged in clear text to the iOS system logs due to canOpenUrl() being called with an invalid URL, with access requiring physical possession of an unlocked device. The...
PT-2025-27812 · Wire · Wire
Name of the Vulnerable Software and Affected Versions: Wire iOS versions 3.111.1 through 3.124.1 Description: The issue concerns the logging of messages in clear text to the iOS system logs when they are visible in the view port. This occurs due to the canOpenUrl function being called with an...
CVE-2022-23625
Wire-ios is a messaging application using the wire protocol on apple's ios platform. In versions prior to 3.95 malformed resource identifiers may render the iOS Wire Client completely unusable by causing it to repeatedly crash on launch. These malformed resource identifiers can be generated and...
CVE-2021-32666
wire-ios is the iOS version of Wire, an open-source secure messaging app. In wire-ios versions 3.8.0 and prior, a vulnerability exists that can cause a denial of service between users. If a user has an invalid assetID for their profile picture and it contains the " character, it will cause the iO...
CVE-2021-32665
wire-ios is the iOS version of Wire, an open-source secure messaging app. wire-ios versions 3.8.0 and earlier have a bug in which a conversation could be incorrectly set to "unverified. This occurs when: - Self user is added to a new conversation - Self user is added to an existing conversation -...
CVE-2022-31009
wire-ios is an iOS client for the Wire secure messaging application. Invalid accent colors of Wire communication partners may render the iOS Wire Client partially unusable by causing it to crash multiple times on launch. These invalid accent colors can be used by and sent between Wire users. The...
CVE-2022-31009
wire-ios is an iOS client for the Wire secure messaging application. Invalid accent colors of Wire communication partners may render the iOS Wire Client partially unusable by causing it to crash multiple times on launch. These invalid accent colors can be used by and sent between Wire users. The...
CVE-2022-31009 DoS vulnerability: Invalid Accent Colors
wire-ios is an iOS client for the Wire secure messaging application. Invalid accent colors of Wire communication partners may render the iOS Wire Client partially unusable by causing it to crash multiple times on launch. These invalid accent colors can be used by and sent between Wire users. The...
CVE-2022-31009
CVE-2022-31009 affects the Wire iOS client. The root cause is an unnecessary assert when converting an integer to an enum, causing an exception instead of a default fallback, which can crash the iOS Wire Client on startup. The issue is fixed in the wire-ios repo (commit caa0e27dbe51f9edfda8c7a9f0...
CVE-2022-31009 DoS vulnerability: Invalid Accent Colors
wire-ios is an iOS client for the Wire secure messaging application. Invalid accent colors of Wire communication partners may render the iOS Wire Client partially unusable by causing it to crash multiple times on launch. These invalid accent colors can be used by and sent between Wire users. The...
CVE-2022-23625
Wire-ios is a messaging application using the wire protocol on apple's ios platform. In versions prior to 3.95 malformed resource identifiers may render the iOS Wire Client completely unusable by causing it to repeatedly crash on launch. These malformed resource identifiers can be generated and...
CVE-2022-23625
Wire-ios is a messaging application using the wire protocol on apple's ios platform. In versions prior to 3.95 malformed resource identifiers may render the iOS Wire Client completely unusable by causing it to repeatedly crash on launch. These malformed resource identifiers can be generated and...
Code injection
Wire-ios is a messaging application using the wire protocol on apple's ios platform. In versions prior to 3.95 malformed resource identifiers may render the iOS Wire Client completely unusable by causing it to repeatedly crash on launch. These malformed resource identifiers can be generated and...
CVE-2022-23625
CVE-2022-23625 affects Wire-ios on Apple iOS prior to version 3.95. Malformed resource identifiers can be generated and sent between Wire users, causing the iOS Wire Client to repeatedly crash on launch (DoS-like impact). The root cause is in the wire-ios-transport component, where code that remo...
CVE-2022-23625 DoS vulnerability: Malformed Resource Identifiers
Wire-ios is a messaging application using the wire protocol on apple's ios platform. In versions prior to 3.95 malformed resource identifiers may render the iOS Wire Client completely unusable by causing it to repeatedly crash on launch. These malformed resource identifiers can be generated and...