VYPR
Vendor

Signal

Products
1
CVEs
6
Across products
6
Status
Private

Products

1

Recent CVEs

6
  • CVE-2025-5715LowJun 6, 2025
    risk 0.25cvss 3.8epss 0.00

    A vulnerability was found in Signal App 7.41.4 on Android. It has been declared as problematic. This vulnerability affects unknown code of the component Biometric Authentication Handler. The manipulation leads to missing critical step in authentication. It is possible to launch…

  • CVE-2022-28345Apr 15, 2022
    risk 0.00cvss epss 0.02

    The Signal app before 5.34 for iOS allows URI spoofing via RTLO injection. It incorrectly renders RTLO encoded URLs beginning with a non-breaking space, when there is a hash character in the URL. This technique allows a remote unauthenticated attacker to send legitimate looking…

  • CVE-2020-5753May 20, 2020
    risk 0.00cvss epss 0.01

    Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non-contact to ring a victim's Signal phone and disclose currently used DNS server due to ICE Candidate handling before call is answered or declined.

  • CVE-2019-17192Oct 5, 2019
    risk 0.00cvss epss 0.03

    The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packets before a callee chooses to answer a call, which might make it easier for remote attackers to cause a denial of service or possibly have unspecified…

  • CVE-2019-9970Mar 24, 2019
    risk 0.00cvss epss 0.02

    Open Whisper Signal (aka Signal-Desktop) through 1.23.1 and the Signal Private Messenger application through 4.35.3 for Android are vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even…

  • CVE-2018-3988Dec 10, 2018
    risk 0.00cvss epss 0.01

    Signal Messenger for Android 4.24.8 may expose private information when using "disappearing messages." If a user uses the photo feature available in the "attach file" menu, then Signal will leave the picture in its own cache directory, which is available to any application on…