VYPR
Vendor

Gematik

Products
1
CVEs
6
Across products
6
Status
Private

Products

1

Recent CVEs

6
  • CVE-2026-33875CriMar 27, 2026
    risk 0.53cvss 9.3epss 0.00

    Gematik Authenticator securely authenticates users for login to digital health applications. Versions prior to 4.16.0 are vulnerable to authentication flow hijacking, potentially allowing attackers to authenticate with the identities of victim users who click on a malicious deep…

  • CVE-2026-33874HigMar 27, 2026
    risk 0.44cvss 7.8epss 0.00

    Gematik Authenticator securely authenticates users for login to digital health applications. Starting in version 4.12.0 and prior to version 4.16.0, the Mac OS version of the Authenticator is vulnerable to remote code execution, triggered when victims open a malicious file.…

  • CVE-2025-25201MedFeb 12, 2025
    risk 0.19cvss 4.0epss 0.00

    Nitrokey 3 Firmware is the the firmware of Nitrokey 3 USB keys. For release 1.8.0, and test releases with PIV enabled prior to 1.8.0, the PIV application could accept invalid keys for authentication of the admin key. This could lead to compromise of the integrity of the data…

  • CVE-2025-54154Oct 3, 2025
    risk 0.00cvss epss 0.00

    An improper authentication vulnerability has been reported to affect QNAP Authenticator. If an attacker gains physical access, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the following version:…

  • CVE-2024-21390Mar 12, 2024
    risk 0.00cvss epss 0.01

    Microsoft Authenticator Elevation of Privilege Vulnerability

  • CVE-2022-3994Jan 2, 2023
    risk 0.00cvss epss 0.01

    The Authenticator WordPress plugin before 1.3.1 does not prevent subscribers from updating a site's feed access token, which may deny other users access to the functionality in certain configurations.