VYPR

GoSign Desktop

by GoSign

CVEs (1)

  • CVE-2025-34324Nov 18, 2025
    risk 0.00cvss epss 0.00

    GoSign Desktop versions 2.4.0 and earlier use an unsigned update manifest for distributing application updates. The manifest contains package URLs and SHA-256 hashes but is not digitally signed, so its authenticity relies solely on the underlying TLS channel. In affected…