Gematik
Products
1- 6 CVEs
Recent CVEs
6| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-33875 | Cri | 0.53 | 9.3 | 0.00 | Mar 27, 2026 | Gematik Authenticator securely authenticates users for login to digital health applications. Versions prior to 4.16.0 are vulnerable to authentication flow hijacking, potentially allowing attackers to authenticate with the identities of victim users who click on a malicious deep… | ||
| CVE-2026-33874 | Hig | 0.44 | 7.8 | 0.00 | Mar 27, 2026 | Gematik Authenticator securely authenticates users for login to digital health applications. Starting in version 4.12.0 and prior to version 4.16.0, the Mac OS version of the Authenticator is vulnerable to remote code execution, triggered when victims open a malicious file.… | ||
| CVE-2025-25201 | Med | 0.19 | 4.0 | 0.00 | Feb 12, 2025 | Nitrokey 3 Firmware is the the firmware of Nitrokey 3 USB keys. For release 1.8.0, and test releases with PIV enabled prior to 1.8.0, the PIV application could accept invalid keys for authentication of the admin key. This could lead to compromise of the integrity of the data… | ||
| CVE-2025-54154 | 0.00 | — | 0.00 | Oct 3, 2025 | An improper authentication vulnerability has been reported to affect QNAP Authenticator. If an attacker gains physical access, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the following version:… | |||
| CVE-2024-21390 | 0.00 | — | 0.01 | Mar 12, 2024 | Microsoft Authenticator Elevation of Privilege Vulnerability | |||
| CVE-2022-3994 | 0.00 | — | 0.01 | Jan 2, 2023 | The Authenticator WordPress plugin before 1.3.1 does not prevent subscribers from updating a site's feed access token, which may deny other users access to the functionality in certain configurations. |
- risk 0.53cvss 9.3epss 0.00
Gematik Authenticator securely authenticates users for login to digital health applications. Versions prior to 4.16.0 are vulnerable to authentication flow hijacking, potentially allowing attackers to authenticate with the identities of victim users who click on a malicious deep…
- risk 0.44cvss 7.8epss 0.00
Gematik Authenticator securely authenticates users for login to digital health applications. Starting in version 4.12.0 and prior to version 4.16.0, the Mac OS version of the Authenticator is vulnerable to remote code execution, triggered when victims open a malicious file.…
- risk 0.19cvss 4.0epss 0.00
Nitrokey 3 Firmware is the the firmware of Nitrokey 3 USB keys. For release 1.8.0, and test releases with PIV enabled prior to 1.8.0, the PIV application could accept invalid keys for authentication of the admin key. This could lead to compromise of the integrity of the data…
- CVE-2025-54154Oct 3, 2025risk 0.00cvss —epss 0.00
An improper authentication vulnerability has been reported to affect QNAP Authenticator. If an attacker gains physical access, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the following version:…
- CVE-2024-21390Mar 12, 2024risk 0.00cvss —epss 0.01
Microsoft Authenticator Elevation of Privilege Vulnerability
- CVE-2022-3994Jan 2, 2023risk 0.00cvss —epss 0.01
The Authenticator WordPress plugin before 1.3.1 does not prevent subscribers from updating a site's feed access token, which may deny other users access to the functionality in certain configurations.