VYPR
High severity7.5NVD Advisory· Published Oct 30, 2025· Updated Apr 15, 2026

CVE-2025-61113

CVE-2025-61113

Description

TalkTalk 3.3.6 Android App contains improper access control vulnerabilities in multiple API endpoints. By modifying request parameters, attackers may obtain sensitive user information (such as device identifiers and birthdays) and access private group information, including join credentials. Successful exploitation may result in privacy breaches and unauthorized access to restricted resources.

Affected products

1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.