High severity7.5NVD Advisory· Published Jun 17, 2020· Updated Jun 17, 2026
CVE-2020-13637
CVE-2020-13637
Description
An issue was discovered in the stashcat app through 3.9.2 for macOS, Windows, Android, iOS, and possibly other platforms. It stores the client_key, the device_id, and the public key for end-to-end encryption in cleartext, enabling an attacker (by copying or having access to the local storage database file) to login to the system from any other computer, and get unlimited access to all data in the users's context.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- stashcat/stashcat appdescription
Patches
Vulnerability mechanics
References
2- www.jvanlaak.de/stashcat.htmlnvdThird Party Advisory
- www.jvanlaak.de/stashcat_CWE_312_200527.pdfnvdThird Party Advisory
News mentions
0No linked articles in our index yet.