Low severity3.2NVD Advisory· Published Mar 8, 2025· Updated Apr 15, 2026

CVE-2025-27839

Description

operations/attestation/AttestationTask.kt in the Tangem SDK before 5.18.3 for Android has a logic flow in offline wallet attestation (genuineness check) that causes verification results to be disregarded during the first scan of a card. Exploitation may not have been possible.

Patches

24588188fdb5

https://github.com/tangem/tangem-sdk-androidvia osv

commit

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/tangem/tangem-sdk-android/commit/24588188fdb51ed469cd59d2c595128c1fe63b07nvd
github.com/tangem/tangem-sdk-android/releases/tag/release-app_5.18-409nvd
tangem.com/en/blog/post/app-update/nvd

News mentions

No linked articles in our index yet.

cvss	0.208
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000