VYPR
Vendor

Rakuten Viber

Products
2
CVEs
6
Across products
7
Status
Private

Products

2

Recent CVEs

6
  • CVE-2025-13476Mar 5, 2026
    risk 0.00cvss epss 0.00

    Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows v25.6.0.0–v25.8.1.0 uses a static and predictable TLS ClientHello fingerprint lacking extension diversity, allowing Deep Packet Inspection (DPI) systems to trivially identify and block proxy traffic, undermining…

  • CVE-2025-55996Sep 12, 2025
    risk 0.00cvss epss 0.00

    Viber Desktop 25.6.0 is vulnerable to HTML Injection via the text parameter of the message compose/forward interface

  • CVE-2020-14049Jun 22, 2020
    risk 0.00cvss epss 0.02

    Viber for Windows up to 13.2.0.39 does not properly quote its custom URI handler. A malicious website could launch Viber with arbitrary parameters, forcing a victim to send an NTLM authentication request, and either relay the request or capture the hash for offline password…

  • CVE-2018-3987Feb 12, 2020
    risk 0.00cvss epss 0.00

    An exploitable information disclosure vulnerability exists in the 'Secret Chats' functionality of Rakuten Viber on Android 9.3.0.6. The 'Secret Chats' functionality allows a user to delete all traces of a chat either by using a time trigger or by direct request. There is a bug…

  • CVE-2019-18800Nov 6, 2019
    risk 0.00cvss epss 0.01

    Viber through 11.7.0.5 allows a remote attacker who can capture a victim's internet traffic to steal their Viber account, because not all Viber protocol traffic is encrypted. TCP data packet 9 on port 4244 from the victim's device contains cleartext information such as the…

  • CVE-2019-12569Jun 3, 2019
    risk 0.00cvss epss 0.15

    A vulnerability in Viber before 10.7.0 for Desktop (Windows) could allow an attacker to execute arbitrary commands on a targeted system. This vulnerability is due to unsafe search paths used by the application URI. An attacker could exploit this vulnerability by convincing a…